This repository has been archived by the owner on Sep 18, 2024. It is now read-only.
CodeQL #90
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL" | |
| on: | |
| workflow_dispatch: # Allow manually triggered workflow run | |
| schedule: | |
| # At 05:30 on every day-of-week from Monday through Friday. | |
| - cron: "30 5 * * 1-5" | |
| jobs: | |
| analyze-java: | |
| name: Analyze Java (Kotlin) | |
| runs-on: | |
| labels: ubuntu-latest | |
| timeout-minutes: 360 | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: java | |
| queries: security-and-quality | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| - name: Build with Maven | |
| run: mvn -B install | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: "/language:java" |