From b1187b654466bb15c2e42625de652ec86afd02c6 Mon Sep 17 00:00:00 2001
From: Richard Hallows
Date: Wed, 8 Jul 2020 16:22:15 +0100
Subject: [PATCH] Create codeql analysis workflow (#4850)
---
.github/workflows/code-scanning.yml | 50 +++++++++++++++++++
.github/workflows/linting.yml | 41 +++++++++++++++
.github/workflows/{nodejs.yml => testing.yml} | 29 +----------
3 files changed, 92 insertions(+), 28 deletions(-)
create mode 100644 .github/workflows/code-scanning.yml
create mode 100644 .github/workflows/linting.yml
rename .github/workflows/{nodejs.yml => testing.yml} (73%)
diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/code-scanning.yml
new file mode 100644
index 0000000000..ff827220a1
--- /dev/null
+++ b/.github/workflows/code-scanning.yml
@@ -0,0 +1,50 @@
+name: 'Code Scanning'
+
+on:
+ push:
+ pull_request:
+ schedule:
+ - cron: '0 7 * * 1'
+
+jobs:
+ CodeQL:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ with:
+ # We must fetch at least the immediate parents so that if this is
+ # a pull request then we can checkout the head.
+ fetch-depth: 2
+
+ # If this run was triggered by a pull request event, then checkout
+ # the head of the pull request instead of the merge commit.
+ - run: git checkout HEAD^2
+ if: ${{ github.event_name == 'pull_request' }}
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+
+ # Override language selection by uncommenting this and choosing your languages
+ # with:
+ # languages: go, javascript, csharp, python, cpp, java
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v1
+
+ # ℹī¸ Command-line programs to run using the OS shell.
+ # 📚 https://git.io/JvXDl
+
+ # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines
+ # and modify them (or add more) to build your code if your project
+ # uses a compiled language
+
+ #- run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
new file mode 100644
index 0000000000..4bf520e85c
--- /dev/null
+++ b/.github/workflows/linting.yml
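Review bot: Every `uses:` in code-scanning.yml points at a mutable tag (`actions/checkout@v2`, `github/codeql-action/init@v1`, `autobuild@v1`, `analyze@v1`), so the code this job executes can change without any commit to this repository. The same holds for `actions/checkout@v2` and `actions/setup-node@v1` in linting.yml. Pinning each reference to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: github/codeql-action/init@<full-commit-sha> # v1`, turns every action update into a reviewable diff. The workflow also declares no `permissions:` block, so the job token keeps the repository's default scope; a job-level `permissions:` with `contents: read` and `security-events: write` looks sufficient for checkout plus the results upload, to be confirmed against the repository's visibility.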
@@ -0,0 +1,41 @@
+name: Linting
+
+on:
+ push:
+ branches:
+ - master
+ - 'dependabot/**'
+ pull_request:
+ branches:
+ - '**'
+
+env:
+ CI: true
+
+jobs:
+ lint:
+ name: Lint on Node.js ${{ matrix.node }} and ${{ matrix.os }}
+
+ runs-on: ${{ matrix.os }}
+
+ strategy:
+ matrix:
+ node: [12]
+ os: [ubuntu-latest]
+
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Use Node.js ${{ matrix.node }}
+ uses: actions/setup-node@v1
+ with:
+ node-version: ${{ matrix.node }}
+
+ - name: Install latest npm
+ run: npm install --global npm@latest
+
+ - name: Install dependencies
+ run: npm ci
+
+ - name: Lint
+ run: npm run pretest
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/testing.yml
similarity index 73%
rename from .github/workflows/nodejs.yml
rename to .github/workflows/testing.yml
index 8c86744889..4cd17afc4e 100644
--- a/.github/workflows/nodejs.yml
+++ b/.github/workflows/testing.yml
@@ -1,4 +1,4 @@ -name: CI +name: Testing on: push:
@@ -13,33 +13,6 @@ env: CI: true jobs: - lint: - name: Lint on Node.js ${{ matrix.node }} and ${{ matrix.os }} - - runs-on: ${{ matrix.os }} - - strategy: - matrix: - node: [12] - os: [ubuntu-latest] - - steps: - - uses: actions/checkout@v2 - - - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v1 - with: - node-version: ${{ matrix.node }} - - - name: Install latest npm - run: npm install --global npm@latest - - - name: Install dependencies - run: npm ci - - - name: Lint - run: npm run pretest - test: name: Test on Node.js ${{ matrix.node }} and ${{ matrix.os }}
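Review bot: The `Install latest npm` step in linting.yml runs `npm install --global npm@latest`, so each run installs whichever npm release is current at that moment, before `npm ci` resolves the lockfile. That makes the lint job non-reproducible and lets tooling nobody reviewed run in CI. Either drop the step and use the npm bundled with the Node.js version from the matrix, or pin it, e.g. `run: npm install --global npm@<pinned-version>`. The job only needs to read the repository, so a top-level `permissions:` with `contents: read` would also fit this file.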