Skip to content
CodeQL

Merge pull request #1515 from rjhancock/java-17 #5

Sign in to view logs

Merge pull request #1515 from rjhancock/java-17

Merge pull request #1515 from rjhancock/java-17 #5

Workflow file for this run

.github/workflows/codeql-analysis.yml at 2b1d2b5
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
# Learn more...
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
name: "CodeQL"
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: "24 16 * * 4"
jobs:
analyze:
name: Analyze
runs-on: ${{ matrix.os }}
outputs:
mmRepo: ${{ steps.find_mm.outputs.mmRepo }}
mmBranch: ${{ steps.find_mm.outputs.mmBranch }}
# Run this job once for each combination in the matrix below.
strategy:
matrix:
os: [ubuntu-latest] # For Code QL running on *nix is sufficient
language: ["java"]
java-distribution: [temurin]
java-version: [17]
fail-fast: false
steps:
- name: Checkout MegaMekLab
uses: actions/checkout@v4
with:
path: megameklab
# Setup composite build for MegaMekLab
# See: https://github.com/MegaMek/megamek/wiki/Working-With-Gradle
- name: Setup Composite Build for MegaMekLab
run: |
echo "includeBuild '../megamek'" >> ./megameklab/settings_local.gradle
# Find the repo and branch to use for MM
#
# Output variables:
#
# - mmRepo: The MM repository to use.
# - mmBranch: The MM branch to use.
- name: Find the Right MegaMek Branch
id: find_mm
# Override bash so that it doesn't fail fast (the default) if we can't find the branch
shell: bash {0}
# This shell script searches the PR submitter's MM repo for
# a branch that has the same name as the current PR branch.
# If found it sets the `mmRepo` and `mmBranch` step output variables
# to that branch.
run: |
git ls-remote --exit-code --heads ${{ github.event.pull_request.head.repo.owner.html_url }}/megamek.git ${{ github.event.pull_request.head.ref }}
if [ "$?" == "0" ]
then
echo "mmRepo=${{ github.event.pull_request.head.repo.owner.login }}/megamek" >> $GITHUB_OUTPUT
echo "mmBranch=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT
else
echo "mmRepo=MegaMek/megamek" >> $GITHUB_OUTPUT
echo "mmBranch=master" >> $GITHUB_OUTPUT
fi
exit 0
# Checkout the latest MegaMek source and put it in: ./megamek
- name: Checkout MegaMek
uses: actions/checkout@v4
with:
repository: ${{ steps.find_mm.outputs.mmRepo }}
ref: ${{ steps.find_mm.outputs.mmBranch }}
path: megamek
# Setup the requested Java Distribution and Version from the matrix
- name: Set up ${{ matrix.java-distribution }} JDK ${{ matrix.java-version }}
uses: actions/setup-java@v4
with:
distribution: ${{ matrix.java-distribution }}
java-version: ${{ matrix.java-version }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
queries: +security-and-quality
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Build with Gradle
working-directory: megameklab
run: ./gradlew build --stacktrace --scan
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3