|
|
@@ -0,0 +1,50 @@
|
|
|
+name: "CodeQL"
|
|
|
+
|
|
|
+on:
|
|
|
+ push:
|
|
|
+ branches: [ master, stable-3.* ]
|
|
|
+ pull_request:
|
|
|
+ branches: [ master ]
|
|
|
+ schedule:
|
|
|
+ - cron: '42 10 * * 4'
|
|
|
+
|
|
|
+jobs:
|
|
|
+ analyze:
|
|
|
+ name: Analyze
|
|
|
+ runs-on: ubuntu-latest
|
|
|
+ permissions:
|
|
|
+ actions: read
|
|
|
+ contents: read
|
|
|
+ security-events: write
|
|
|
+
|
|
|
+ strategy:
|
|
|
+ fail-fast: false
|
|
|
+ matrix:
|
|
|
+ language: [ 'java' ]
|
|
|
+ # Learn more about CodeQL language support at https://git.io/codeql-language-support
|
|
|
+
|
|
|
+ steps:
|
|
|
+ - name: Checkout repository
|
|
|
+ uses: actions/checkout@v2
|
|
|
+
|
|
|
+ # Initializes the CodeQL tools for scanning.
|
|
|
+ - name: Initialize CodeQL
|
|
|
+ uses: github/codeql-action/init@v1
|
|
|
+ with:
|
|
|
+ languages: ${{ matrix.language }}
|
|
|
+
|
|
|
+ # Build
|
|
|
+ - name: Set up JDK 11
|
|
|
+ uses: actions/setup-java@v2
|
|
|
+ with:
|
|
|
+ distribution: "temurin"
|
|
|
+ java-version: 11
|
|
|
+ - name: Assemble
|
|
|
+ run: |
|
|
|
+ mkdir -p $HOME/.gradle
|
|
|
+ echo "org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError" > $HOME/.gradle/gradle.properties
|
|
|
+ ./gradlew assembleGplayDebug
|
|
|
+
|
|
|
+ # Run analysis
|
|
|
+ - name: Perform CodeQL Analysis
|
|
|
+ uses: github/codeql-action/analyze@v1
|
Tobias Kaminsky