Expand CodeQL coverage to all JavaScript and TypeScript (#32988)

Closes #32987

Signed-off-by: Jon Koops <jonkoops@gmail.com>
This commit is contained in:
Jon Koops 2024-09-23 14:28:16 +02:00 committed by GitHub
parent d778a8551a
commit 741e0839a9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 55 additions and 15 deletions

View file

@ -34,9 +34,12 @@ outputs:
codeql-java:
description: Should "codeql-analysis.yml / java" execute
value: ${{ steps.changes.outputs.codeql-java }}
codeql-themes:
description: Should "codeql-analysis.yml / themes" execute
value: ${{ steps.changes.outputs.codeql-themes }}
codeql-javascript:
description: Should "codeql-analysis.yml / javascript" execute
value: ${{ steps.changes.outputs.codeql-javascript }}
codeql-typescript:
description: Should "codeql-analysis.yml / typescript" execute
value: ${{ steps.changes.outputs.codeql-typescript }}
guides:
description: Should "guides.yml" execute
value: ${{ steps.changes.outputs.guides }}

View file

@ -2,7 +2,7 @@
#
# To test a pattern run '.github/actions/conditional/conditional.sh <remote name> <branch>'
.github/actions/ ci ci-quarkus ci-store ci-sssd operator js codeql-java codeql-themes guides documentation
.github/actions/ ci ci-quarkus ci-store ci-sssd operator js codeql-java codeql-javascript codeql-typescript guides documentation
.github/scripts/ ci ci-quarkus ci-sssd
.github/scripts/ansible/ ci-store
.github/scripts/aws/ ci-store
@ -10,13 +10,13 @@
.github/workflows/ci.yml ci ci-quarkus ci-store ci-sssd ci-webauthn
.github/workflows/operator-ci.yml operator
.github/workflows/js-ci.yml js
.github/workflows/codeql-analysis.yml codeql-java codeql-themes
.github/workflows/codeql-analysis.yml codeql-java codeql-javascript codeql-typescript
.github/workflows/guides.yml guides
.github/workflows/documentation.yml documentation
.mvn/ ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
mvnw ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
mvnw.cmd ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
.mvn/ ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
mvnw ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
mvnw.cmd ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
*/src/main/ ci ci-webauthn operator
*/src/test/ ci ci-webauthn operator
@ -44,8 +44,19 @@ services/ js
js/apps/account-ui/ ci ci-webauthn
js/libs/ui-shared/ ci ci-webauthn
# The sections below contain a sub-set of files existing in the project which are supported languages by CodeQL.
# See: https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/
## CodeQL Java
*.java codeql-java
themes/ codeql-themes
## CodeQL JavaScript
*.js codeql-javascript
*.html codeql-javascript
## CodeQL TypeScript
*.ts codeql-typescript
*.tsx codeql-typescript
testsuite::database-suite ci-store

View file

@ -29,7 +29,8 @@ jobs:
runs-on: ubuntu-latest
outputs:
java: ${{ steps.conditional.outputs.codeql-java }}
themes: ${{ steps.conditional.outputs.codeql-themes }}
javascript: ${{ steps.conditional.outputs.codeql-javascript }}
typescript: ${{ steps.conditional.outputs.codeql-typescript }}
steps:
- uses: actions/checkout@v4
@ -64,11 +65,11 @@ jobs:
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
themes:
name: CodeQL Themes
javascript:
name: CodeQL JavaScript
needs: conditional
runs-on: ubuntu-latest
if: needs.conditional.outputs.themes == 'true'
if: needs.conditional.outputs.javascript == 'true'
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
@ -81,7 +82,31 @@ jobs:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: javascript
source-root: themes/src/main/
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
typescript:
name: CodeQL TypeScript
needs: conditional
runs-on: ubuntu-latest
if: needs.conditional.outputs.typescript == 'true'
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
steps:
- uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: typescript
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
@ -96,7 +121,8 @@ jobs:
needs:
- conditional
- java
- themes
- javascript
- typescript
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4