Add Codeql custom config (#115)
* Use custom codeql config and disable build
* Add custom config for codeql
* Enable also codeql for `master` branch
* Check that action work correct
* Revert "Check that action work correct"
This reverts commit ef4d1a0030.
This commit is contained in:
Danil Titarenko
GitHub
parent
c490c09817
commit
e9b4ea7a8c
3
.github/codeql/config-codeql.yml
vendored
Normal file
3
.github/codeql/config-codeql.yml
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
paths:
|
||||
- ./**
|
||||
22
.github/workflows/codeql.yaml
vendored
22
.github/workflows/codeql.yaml
vendored
@ -2,7 +2,8 @@ name: "CodeQL"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'release/**'
|
||||
- 'hotfix/**'
|
||||
paths-ignore:
|
||||
@ -12,6 +13,7 @@ on:
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches:
|
||||
- 'master'
|
||||
- 'release/**'
|
||||
- 'hotfix/**'
|
||||
paths-ignore:
|
||||
@ -48,32 +50,16 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout client
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: client
|
||||
|
||||
- name: Checkout buildtools
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
repository: ONLYOFFICE/DocSpace-buildtools
|
||||
path: buildtools
|
||||
ref: ${{ github.base_ref || github.ref }}
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
config-file: .github/codeql/config-codeql.yml
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
# By default, queries listed here will override any specified in a config file.
|
||||
# Prefix the list here with "+" to use these queries and those in the config file.
|
||||
|
||||
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
||||
# queries: security-extended,security-and-quality
|
||||
- name: build
|
||||
run: |
|
||||
cd ./client
|
||||
yarn install
|
||||
yarn build
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
|
||||
Loading…
Reference in New Issue
Block a user