| name: "CodeQL" |
| |
| on: |
| schedule: |
| - cron: '00 20 * * 3' |
| push: |
| branches: [master] |
| paths-ignore: |
| - 'LICENSE' |
| - 'NOTICE' |
| - 'README' |
| - 'SECURITY.md' |
| pull_request: |
| branches: [master] |
| paths-ignore: |
| - 'LICENSE' |
| - 'NOTICE' |
| - 'README' |
| - 'SECURITY.md' |
| |
| jobs: |
| analyze: |
| name: Analyze |
| runs-on: ubuntu-latest |
| permissions: |
| actions: read |
| contents: read |
| security-events: write |
| |
| strategy: |
| fail-fast: false |
| matrix: |
| language: [ 'java' ] |
| |
| steps: |
| - name: Checkout repository |
| uses: actions/checkout@v3 |
| |
| # Initializes the CodeQL tools for scanning. |
| - name: Initialize CodeQL |
| uses: github/codeql-action/init@v2 |
| with: |
| languages: ${{ matrix.language }} |
| |
| - name: Set up JDK 8 (Corretto) |
| uses: actions/setup-java@v3 |
| with: |
| java-version: '8' |
| distribution: 'corretto' |
| cache: maven |
| |
| - name: Build with Maven |
| run: mvn -B install --file pom.xml |
| |
| - name: Perform CodeQL Analysis |
| uses: github/codeql-action/analyze@v2 |
