This is an automated email from the ASF dual-hosted git repository.

pkarwasz pushed a commit to branch feature/codeql-actions
in repository https://gitbox.apache.org/repos/asf/logging-parent.git

commit a75ed1a28e43b670441ad56dc1bdfc6e81695cb0
Author: Piotr P. Karwasz <piotr.git...@karwasz.org>
AuthorDate: Mon Mar 10 09:49:10 2025 +0100

    Add CodeQL run for GitHub Actions
    
    CodeQL now supports analysis of GitHub Action scripts.
---
 .github/workflows/codeql-analysis-reusable.yaml    |  5 +--
 ...analysis-reusable.yaml => codeql-analysis.yaml} | 37 ++++++----------------
 2 files changed, 12 insertions(+), 30 deletions(-)

diff --git a/.github/workflows/codeql-analysis-reusable.yaml 
b/.github/workflows/codeql-analysis-reusable.yaml
index 8d13de8..e2f1309 100644
--- a/.github/workflows/codeql-analysis-reusable.yaml
+++ b/.github/workflows/codeql-analysis-reusable.yaml
@@ -27,7 +27,7 @@ on:
       # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 
'kotlin', 'python', 'ruby' ]
       # Learn more about CodeQL language support at 
https://git.io/codeql-language-support
       language:
-        description:
+        description: Language used in the repository
         default: java
         type: string
 
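Review bot: The comment just above the `language` input still enumerates the CodeQL languages as `cpp … ruby`, but the second hunk of this file now appends `actions` to whatever the caller passes, so the enumerated list no longer describes what this workflow actually scans. Since this hunk is already touching the input's documentation, extend the comment in the same change, e.g. `# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'kotlin', 'python', 'ruby' ]; this workflow always adds 'actions'`. The new description `Language used in the repository` could also say that the value is inserted into a comma-separated CodeQL `languages` list, so callers know a single identifier is expected. The `on:`/`inputs:` mapping this belongs to starts before the hunk.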
@@ -45,7 +45,8 @@ jobs:
       - name: Initialize CodeQL
         uses: 
github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0    # 3.28.9
         with:
-          languages: ${{ inputs.language }}
+          # Also check GitHub Actions
+          languages: ${{ inputs.language }}, actions
 
       - name: Setup JDK
         uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12   # 
4.7.0
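Review bot: `languages: ${{ inputs.language }}, actions` renders as `, actions` when a caller passes an empty `language`, and as `actions, actions` when a caller already asks for `actions`; the hunk does not guard either case, and whether the pinned `codeql-action/init` tolerates a leading comma or a duplicate entry is not something the diff shows, so it should be confirmed against that action's input parsing. If the intent is "caller's language plus actions", a one-line comment stating that contract would help readers of this reusable workflow: `# 'actions' is always scanned in addition to the caller-supplied language`. Whether the pinned action version (the `3.28.9` marker next to the SHA) already ships the `actions` extractor is likewise not visible here and should be verified before this is merged, since an unsupported language makes the init step fail for every downstream caller. The job that contains this step starts before the hunk.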
diff --git a/.github/workflows/codeql-analysis-reusable.yaml 
b/.github/workflows/codeql-analysis.yaml
similarity index 59%
copy from .github/workflows/codeql-analysis-reusable.yaml
copy to .github/workflows/codeql-analysis.yaml
index 8d13de8..bfe5ecc 100644
--- a/.github/workflows/codeql-analysis-reusable.yaml
+++ b/.github/workflows/codeql-analysis.yaml
@@ -15,21 +15,17 @@
 # limitations under the License.
 #
 
+##
+# Perform CodeQL analysis of GitHub Actions
 name: codeql-analysis
 
 on:
-  workflow_call:
-    inputs:
-      java-version:
-        description: The Java compiler version
-        default: 17
-        type: string
-      # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 
'kotlin', 'python', 'ruby' ]
-      # Learn more about CodeQL language support at 
https://git.io/codeql-language-support
-      language:
-        description:
-        default: java
-        type: string
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '32 12 * * 5'
 
 jobs:
 
@@ -45,22 +41,7 @@ jobs:
       - name: Initialize CodeQL
         uses: 
github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0    # 3.28.9
         with:
-          languages: ${{ inputs.language }}
-
-      - name: Setup JDK
-        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12   # 
4.7.0
-        with:
-          distribution: zulu
-          java-version: ${{ inputs.java-version }}
-          cache: maven
-
-      - name: Build with Maven
-        shell: bash
-        run: |
-          ./mvnw \
-          --show-version --batch-mode --errors --no-transfer-progress \
-          -DskipTests \
-          clean verify
+          languages: actions
 
       - name: Perform CodeQL Analysis
         uses: 
github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0    # 
3.28.9
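Review bot: With `languages: actions` here and `actions` now also appended in `codeql-analysis-reusable.yaml`, any repository that runs both workflows on the same commit uploads two `actions` analyses; as far as I recall the analyze step's default `category` is derived from the language alone, in which case the second upload replaces the first rather than sitting beside it. If this repository itself calls the reusable workflow (not visible in the diff), set a distinct `category:` on this file's `Perform CodeQL Analysis` step, e.g. `category: "/language:actions/workflows"`, or drop the `actions` entry from one of the two. Removing the JDK and Maven steps is consistent with scanning only workflow files, and a short comment on the init step saying so (`# Workflow files only; no build step is required`) would spare the next reader from wondering why this copy has no build. The `Perform CodeQL Analysis` step's `with:` block, if any, continues past the end of the hunk.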
