Expand CodeQL coverage to all JavaScript and TypeScript (#32988)
Closes #32987 Signed-off-by: Jon Koops <jonkoops@gmail.com>
This commit is contained in:
parent
d778a8551a
commit
741e0839a9
3 changed files with 55 additions and 15 deletions
9
.github/actions/conditional/action.yml
vendored
9
.github/actions/conditional/action.yml
vendored
|
@ -34,9 +34,12 @@ outputs:
|
|||
codeql-java:
|
||||
description: Should "codeql-analysis.yml / java" execute
|
||||
value: ${{ steps.changes.outputs.codeql-java }}
|
||||
codeql-themes:
|
||||
description: Should "codeql-analysis.yml / themes" execute
|
||||
value: ${{ steps.changes.outputs.codeql-themes }}
|
||||
codeql-javascript:
|
||||
description: Should "codeql-analysis.yml / javascript" execute
|
||||
value: ${{ steps.changes.outputs.codeql-javascript }}
|
||||
codeql-typescript:
|
||||
description: Should "codeql-analysis.yml / typescript" execute
|
||||
value: ${{ steps.changes.outputs.codeql-typescript }}
|
||||
guides:
|
||||
description: Should "guides.yml" execute
|
||||
value: ${{ steps.changes.outputs.guides }}
|
||||
|
|
23
.github/actions/conditional/conditions
vendored
23
.github/actions/conditional/conditions
vendored
|
@ -2,7 +2,7 @@
|
|||
#
|
||||
# To test a pattern run '.github/actions/conditional/conditional.sh <remote name> <branch>'
|
||||
|
||||
.github/actions/ ci ci-quarkus ci-store ci-sssd operator js codeql-java codeql-themes guides documentation
|
||||
.github/actions/ ci ci-quarkus ci-store ci-sssd operator js codeql-java codeql-javascript codeql-typescript guides documentation
|
||||
.github/scripts/ ci ci-quarkus ci-sssd
|
||||
.github/scripts/ansible/ ci-store
|
||||
.github/scripts/aws/ ci-store
|
||||
|
@ -10,13 +10,13 @@
|
|||
.github/workflows/ci.yml ci ci-quarkus ci-store ci-sssd ci-webauthn
|
||||
.github/workflows/operator-ci.yml operator
|
||||
.github/workflows/js-ci.yml js
|
||||
.github/workflows/codeql-analysis.yml codeql-java codeql-themes
|
||||
.github/workflows/codeql-analysis.yml codeql-java codeql-javascript codeql-typescript
|
||||
.github/workflows/guides.yml guides
|
||||
.github/workflows/documentation.yml documentation
|
||||
|
||||
.mvn/ ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
|
||||
mvnw ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
|
||||
mvnw.cmd ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-themes guides documentation
|
||||
.mvn/ ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
|
||||
mvnw ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
|
||||
mvnw.cmd ci ci-quarkus ci-store ci-sssd ci-webauthn operator js codeql-java codeql-javascript codeql-typescript guides documentation
|
||||
|
||||
*/src/main/ ci ci-webauthn operator
|
||||
*/src/test/ ci ci-webauthn operator
|
||||
|
@ -44,8 +44,19 @@ services/ js
|
|||
js/apps/account-ui/ ci ci-webauthn
|
||||
js/libs/ui-shared/ ci ci-webauthn
|
||||
|
||||
# The sections below contain a sub-set of files existing in the project which are supported languages by CodeQL.
|
||||
# See: https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/
|
||||
|
||||
## CodeQL Java
|
||||
*.java codeql-java
|
||||
themes/ codeql-themes
|
||||
|
||||
## CodeQL JavaScript
|
||||
*.js codeql-javascript
|
||||
*.html codeql-javascript
|
||||
|
||||
## CodeQL TypeScript
|
||||
*.ts codeql-typescript
|
||||
*.tsx codeql-typescript
|
||||
|
||||
testsuite::database-suite ci-store
|
||||
|
||||
|
|
38
.github/workflows/codeql-analysis.yml
vendored
38
.github/workflows/codeql-analysis.yml
vendored
|
@ -29,7 +29,8 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
java: ${{ steps.conditional.outputs.codeql-java }}
|
||||
themes: ${{ steps.conditional.outputs.codeql-themes }}
|
||||
javascript: ${{ steps.conditional.outputs.codeql-javascript }}
|
||||
typescript: ${{ steps.conditional.outputs.codeql-typescript }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
|
@ -64,11 +65,11 @@ jobs:
|
|||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
||||
|
||||
themes:
|
||||
name: CodeQL Themes
|
||||
javascript:
|
||||
name: CodeQL JavaScript
|
||||
needs: conditional
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.conditional.outputs.themes == 'true'
|
||||
if: needs.conditional.outputs.javascript == 'true'
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
|
@ -81,7 +82,31 @@ jobs:
|
|||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: javascript
|
||||
source-root: themes/src/main/
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
||||
|
||||
typescript:
|
||||
name: CodeQL TypeScript
|
||||
needs: conditional
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.conditional.outputs.typescript == 'true'
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: typescript
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
@ -96,7 +121,8 @@ jobs:
|
|||
needs:
|
||||
- conditional
|
||||
- java
|
||||
- themes
|
||||
- javascript
|
||||
- typescript
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
|
Loading…
Reference in a new issue