Skip to content

CodeQL

CodeQL #320

Workflow file for this run

name: "CodeQL"
on:
workflow_dispatch: # Allow manually triggered workflow run
schedule:
# At 05:30 on every day-of-week from Monday through Friday.
- cron: "30 5 * * 1-5"
jobs:
analyze-java:
name: Analyze Java (Kotlin)
runs-on:
labels: ubuntu-latest
timeout-minutes: 360
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: java
queries: security-and-quality
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4
with:
cache-encryption-key: ${{ secrets.gradlekey }}
dependency-graph: generate-and-submit
- name: Assemble
run: ./gradlew assemble -Dorg.gradle.jvmargs="-Dkotlin.daemon.jvmargs=-Xmx16g" --configuration-cache
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:java"
analyze-javascript:
name: Analyze Javascript (Typescript)
runs-on:
labels: ubuntu-latest
timeout-minutes: 360
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: javascript
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:javascript"
tjenestespesifikasjoner:
name: Analyze Java (Kotlin)
runs-on:
labels: ubuntu-latest
timeout-minutes: 360
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: java
queries: security-and-quality
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
- name: Build with Maven
run: mvn -f tjenestespesifikasjoner -B install
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:java"