Skip to content
CodeQL Advanced

chore(deps): update registry.access.redhat.com/ubi10/nginx-126 docker tag to v10.0-1760573692 #86

Sign in to view logs

chore(deps): update registry.access.redhat.com/ubi10/nginx-126 docker tag to v10.0-1760573692

chore(deps): update registry.access.redhat.com/ubi10/nginx-126 docker tag to v10.0-1760573692 #86

Workflow file for this run

.github/workflows/codeql.yml at 2b685b5
# Workflow for advanced CodeQL setup used for scanning Java/JavaScript/TypeScript/Vue/Python based source files
name: CodeQL Advanced
env:
# Whether to analyze Java code or not (only set to true if repo has Java source code)
analyze-java: true
# Build mode to use for analysis of Java code (e.g. none, autobuild, manual)
java-buildmode: autobuild
# Temurin JDK version to use for autobuild (only when java-buildmode is set to autobuild)
java-version: 21
# Whether to analyze JavaScript/TypeScript/Vue code or not (only set to true if repo has Javascript/Typescript/Vue source code)
analyze-javascript-typescript-vue: true
# Whether to analyze Python code or not (only set to true if repo has Python source code)
analyze-python: false
# Query set to use when analyzing the source code (e.g. default, security-extended, security-and-quality)
analysis-query: security-and-quality
on:
# Runs on pull requests and on pushes to main (in order to keep the regular scanning by GitHub working)
pull_request:
push:
branches: [main]
permissions:
pull-requests: read
security-events: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
check-changes:
name: Check changed files and directories
runs-on: ubuntu-latest
permissions:
pull-requests: read
outputs:
java: ${{ steps.filter.outputs.java }}
javascript-typescript-vue: ${{ steps.filter.outputs.javascript-typescript-vue }}
python: ${{ steps.filter.outputs.python }}
steps:
- name: Checkout repository
uses: it-at-m/lhm_actions/action-templates/actions/action-checkout@9767179088fd2e344d1a24c17404ab809a60f1b6 # v1.0.20
- name: Path Filter
id: filter
uses: it-at-m/lhm_actions/action-templates/actions/action-filter@9767179088fd2e344d1a24c17404ab809a60f1b6 # v1.0.20
codeql-java:
name: Analyze Java source files
runs-on: ubuntu-latest
needs: check-changes
strategy:
fail-fast: false
matrix:
build-path: ["./lizenzliste-backend"] # JSON array formatted as string, contains the paths to the java projects to build
steps:
- uses: it-at-m/lhm_actions/action-templates/actions/action-codeql@9767179088fd2e344d1a24c17404ab809a60f1b6 # v1.0.20
if: ${{ env.analyze-java == 'true' && (github.ref_name == 'main' || needs.check-changes.outputs.java == 'true') }}
with:
codeql-language: java-kotlin
codeql-buildmode: ${{ env.java-buildmode }}
codeql-query: ${{ env.analysis-query }}
java-version: ${{ env.java-version }}
path: ${{ matrix.build-path }}
codeql-javascript-typescript-vue:
name: Analyze JavaScript/TypeScript/Vue source files
runs-on: ubuntu-latest
needs: check-changes
steps:
- uses: it-at-m/lhm_actions/action-templates/actions/action-codeql@9767179088fd2e344d1a24c17404ab809a60f1b6 # v1.0.20
if: ${{ env.analyze-javascript-typescript-vue == 'true' && (github.ref_name == 'main' || needs.check-changes.outputs.javascript-typescript-vue == 'true') }}
with:
codeql-language: javascript-typescript
codeql-query: ${{ env.analysis-query }}
codeql-python:
name: Analyze Python source files
runs-on: ubuntu-latest
needs: check-changes
steps:
- uses: it-at-m/lhm_actions/action-templates/actions/action-codeql@9767179088fd2e344d1a24c17404ab809a60f1b6 # v1.0.20
if: ${{ env.analyze-python == 'true' && (github.ref_name == 'main' || needs.check-changes.outputs.python == 'true') }}
with:
codeql-language: python
codeql-query: ${{ env.analysis-query }}