From e72afeb4274834dbdbb63972bf75f05070072b35 Mon Sep 17 00:00:00 2001 From: Tilman Vatteroth Date: Fri, 11 Nov 2022 11:47:01 +0100 Subject: [PATCH] fix(ci): merge codeql analysis workflows Signed-off-by: Tilman Vatteroth --- .github/workflows/codeql-analysis.yml | 19 ++++++++++--- .github/workflows/frontend-codeql.yml | 39 --------------------------- 2 files changed, 15 insertions(+), 43 deletions(-) delete mode 100644 .github/workflows/frontend-codeql.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 264fbb966..a608acbf4 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -19,14 +19,18 @@ on: push: branches: [ develop ] paths: - - 'src/' - - 'test/' + - 'backend/src/' + - 'backend/test/' + - 'frontend/src/' + - 'frontend/cypress/' pull_request: # The branches below must be a subset of the branches above branches: [ develop ] paths: - - 'src/' - - 'test/' + - 'backend/src/' + - 'backend/test/' + - 'frontend/src/' + - 'frontend/cypress/' schedule: - cron: '15 4 * * 3' @@ -34,6 +38,10 @@ jobs: analyze: name: Analyze runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write strategy: fail-fast: false @@ -52,6 +60,7 @@ jobs: uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} + queries: +security-and-quality # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. @@ -75,3 +84,5 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/frontend-codeql.yml b/.github/workflows/frontend-codeql.yml deleted file mode 100644 index 4e183ff2d..000000000 --- a/.github/workflows/frontend-codeql.yml +++ /dev/null @@ -1,39 +0,0 @@ -# SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) -# -# SPDX-License-Identifier: AGPL-3.0-only - -name: "CodeQL" - -on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - schedule: - - cron: "54 23 * * 2" - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: TypeScript - queries: +security-and-quality - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:TypeScript"