msfjarvis/compose-lobsters
1
Fork 0
mirror of https://github.com/msfjarvis/compose-lobsters synced 2025-08-14 23:27:04 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions 4
compose-lobsters/.github/workflows/code_quality_analysis.yml

75 lines
1.9 KiB
YAML
Raw Blame History

name: Code quality analysis
on:
push:
branches:
- main
- renovate/**
schedule:
- cron: '31 7 * * 3'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
security-events: write
jobs:
codeql:
name: CodeQL
runs-on: macos-14
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
distribution: temurin
java-version: 18
- name: Setup Gradle
uses: gradle/actions/setup-gradle@6cec5d49d4d6d4bb982fbed7047db31ea6d38f11 # v3
with:
cache-read-only: true
- name: Initialize CodeQL
uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
with:
languages: java
tools: latest
queries: +security-extended
- name: Build project
shell: bash
run: |
./gradlew assembleDebug assembleInternal
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
with:
category: "/language:java"
mobsfscan:
name: MobSF
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5
with:
python-version: 3.8
- name: Run mobsfscan
uses: MobSF/mobsfscan@35b2016602af9d6ac52f296becca11be3fe004e8
with:
args: . --sarif --output results.sarif || true
- name: Upload mobsfscan report
uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
with:
sarif_file: results.sarif
Reference in a new issue View git blame Copy permalink