mirror of https://github.com/hyperledger/besu
An enterprise-grade Java-based, Apache 2.0 licensed Ethereum client https://wiki.hyperledger.org/display/besu
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
1.9 KiB
55 lines
1.9 KiB
# For most projects, this workflow file will not need changing; you simply need
|
|
# to commit it to your repository.
|
|
#
|
|
# You may wish to alter this file to override the set of languages analyzed,
|
|
# or to provide custom queries or build logic.
|
|
#
|
|
# ******** NOTE ********
|
|
# We have attempted to detect the languages in your repository. Please check
|
|
# the `language` matrix defined below to confirm you have the correct set of
|
|
# supported CodeQL languages.
|
|
#
|
|
name: "CodeQL"
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
# * is a special character in YAML so you have to quote this string
|
|
# expression evaluates to midnight every night
|
|
- cron: '0 0 * * *'
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
runs-on: ubuntu-22.04
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
|
|
- name: Set up Java
|
|
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: 17
|
|
# Initializes the CodeQL tools for scanning.
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@2f93e4319b2f04a2efc38fa7f78bd681bc3f7b2f
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
# If you wish to specify custom queries, you can do so here or in a config file.
|
|
# By default, queries listed here will override any specified in a config file.
|
|
# Prefix the list here with "+" to use these queries and those in the config file.
|
|
queries: security-and-quality,security-extended
|
|
|
|
- name: setup gradle
|
|
uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1
|
|
with:
|
|
cache-disabled: true
|
|
- name: compileJava noscan
|
|
run: |
|
|
JAVA_OPTS="-Xmx2048M" ./gradlew --no-scan compileJava
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@2f93e4319b2f04a2efc38fa7f78bd681bc3f7b2f
|
|
|