Stian Thorgersen
058538ca08
Revert "Apply the principle of least privilege for GitHub workflows ( #33534 )" ( #33626 )
...
This reverts commit 61c6bd5ace.
2024-10-07 08:41:43 +02:00
Bruno Oliveira da Silva
61c6bd5ace
Apply the principle of least privilege for GitHub workflows ( #33534 )
...
Closes #33544
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2024-10-04 14:17:35 +02:00
Jon Koops
741e0839a9
Expand CodeQL coverage to all JavaScript and TypeScript ( #32988 )
...
Closes #32987
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-23 14:28:16 +02:00
Peter Zaoral
d9f8a1bf4e
Testing Keycloak with nightly Quarkus releases ( #23407 )
...
Closes #23322
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-23 09:43:31 +01:00
dependabot[bot]
10776a488e
Bump github/codeql-action from 2 to 3 ( #25557 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-02 08:47:02 -03:00
Alexander Schwartz
672cef89d2
Align maven parameters across GitHub actions ( #25117 )
...
Closes #25116
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-05 08:30:11 +01:00
Jon Koops
48e4e973a4
Use version range for CodeQL action ( #23377 )
2023-09-20 07:05:34 -04:00
dependabot[bot]
4b94298b4a
Bump github/codeql-action from 2.21.5 to 2.21.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.5 to 2.21.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.21.5...v2.21.6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-14 13:52:50 -03:00
dependabot[bot]
29a9f48d4e
Bump actions/checkout from 3 to 4 ( #22963 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-06 07:40:06 -04:00
Alexander Schwartz
8286b8b31f
Status check should fail if "conditional" step fails ( #22948 )
...
Closes #22947
2023-09-05 08:34:41 +02:00
dependabot[bot]
e6ebbc4fe2
Bump github/codeql-action from 2.21.4 to 2.21.5 ( #22773 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.4 to 2.21.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.21.4...v2.21.5 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-29 12:53:18 +02:00
dependabot[bot]
f0739c1501
Bump github/codeql-action from 2.21.2 to 2.21.4 ( #22444 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.2 to 2.21.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.21.2...v2.21.4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-22 07:15:35 -04:00
dependabot[bot]
1902b368c9
Bump github/codeql-action from 2.21.1 to 2.21.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.21.1...v2.21.2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-08 16:40:39 -03:00
Stian Thorgersen
5bb9da3c0d
Refactor conditional in GH workflows ( #22020 )
...
Closes #22019
2023-07-28 07:04:16 +02:00
dependabot[bot]
d3bbe5b0d7
Bump github/codeql-action from 2.21.0 to 2.21.1 ( #22015 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.0 to 2.21.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.21.0...v2.21.1 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-27 06:29:04 +02:00
Stian Thorgersen
17d211319b
Change concurrency for GH workflows to prevent conflicts between PRs ( #22018 )
...
Closes #22001
2023-07-27 06:26:03 +02:00
Stian Thorgersen
8848dfed74
Fix conditional checking for PR testing ( #21947 )
...
* Fix conditional checking for PR testing
Closes #21946
* Update .github/actions/conditional/action.yml
Co-authored-by: Jon Koops <jonkoops@gmail.com>
---------
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-07-25 15:43:53 +02:00
Stian Thorgersen
6220a9d71f
Remove scheduled from individual workflows ( #21847 )
2023-07-21 11:51:10 +02:00
dependabot[bot]
8c7f56787e
Bump github/codeql-action from 2.20.4 to 2.21.0 ( #21833 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.4 to 2.21.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.20.4...v2.21.0 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-20 11:32:58 +02:00
dependabot[bot]
552ffcf379
Bump github/codeql-action from 2.20.2 to 2.20.4 ( #21722 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.2 to 2.20.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.20.2...v2.20.4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-17 12:42:05 +02:00
dependabot[bot]
22e40641e9
Bump github/codeql-action from 2.20.1 to 2.20.2 ( #21483 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.20.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.20.1...v2.20.2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-06 10:29:13 +00:00
dependabot[bot]
8739153bd2
Bump github/codeql-action from 2.20.0 to 2.20.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.20.0...v2.20.1 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-26 17:16:59 -03:00
dependabot[bot]
c2966a9854
Bump github/codeql-action from 2.3.6 to 2.20.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.20.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.3.6...v2.20.0 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-19 13:48:51 -03:00
dependabot[bot]
d5ef798cac
Bump github/codeql-action from 2.3.3 to 2.3.6 ( #20765 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/v2.3.6/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.3.3...v2.3.6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 17:28:02 -03:00
dependabot[bot]
909d409deb
Bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.3.2...v2.3.3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-05 14:24:14 -03:00
dependabot[bot]
65b59c83c5
Bump github/codeql-action from 2.2.12 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.12...v2.3.2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-04 08:38:04 -03:00
dependabot[bot]
e5d4f43fe0
Bump github/codeql-action from 2.2.11 to 2.2.12 ( #19740 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.11...v2.2.12 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 08:27:58 -04:00
dependabot[bot]
35854a76bf
Bump github/codeql-action from 2.2.9 to 2.2.11 ( #19605 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.9...v2.2.11 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 16:01:09 +02:00
dependabot[bot]
273bb6178f
Bump github/codeql-action from 2.2.8 to 2.2.9 ( #19479 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.8...v2.2.9 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-04 14:14:41 -04:00
dependabot[bot]
548827b5a3
Bump github/codeql-action from 2.2.7 to 2.2.8 ( #19332 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.7...v2.2.8 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-29 07:02:19 -04:00
dependabot[bot]
8b2352207c
Bump github/codeql-action from 2.2.6 to 2.2.7 ( #19111 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.6...v2.2.7 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 08:43:23 -04:00
dependabot[bot]
8d40e1a276
Bump github/codeql-action from 2.2.5 to 2.2.6 ( #17582 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/v2.2.6/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.5...v2.2.6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-14 12:52:30 +01:00
Jon Koops
6d2e57f93a
Move Keycloak JS into the NPM workspace ( #17401 )
2023-03-03 13:56:53 +01:00
dependabot[bot]
46677f510e
Bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/v2.2.5/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.4...v2.2.5 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-27 15:57:31 -03:00
dependabot[bot]
3a99384bae
Bump github/codeql-action from 2.2.1 to 2.2.4 ( #17006 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.2.1...v2.2.4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-11 20:26:44 +01:00
dependabot[bot]
d32cc7c3f9
Bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.39...v2.2.1 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 16:04:13 -03:00
Stian Thorgersen
d2ef774788
Conditional workflows ( #16666 )
...
* Conditional workflows
Closes #16665
* Added .editorconfig to make sure there's a newline in conditions file
* Fix
* Tweak
* Tweaks
2023-01-30 08:07:10 +01:00
dependabot[bot]
c4860ffe7c
Bump github/codeql-action from 2.1.38 to 2.1.39 ( #16562 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.38...v2.1.39 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-23 08:17:45 +01:00
dependabot[bot]
42d74f3ad8
Bump github/codeql-action from 2.1.37 to 2.1.38 ( #16459 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.37...v2.1.38 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-01-20 09:09:21 +01:00
dependabot[bot]
23ad6ccd0f
Bump github/codeql-action from 2.1.36 to 2.1.37 ( #16050 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.36...v2.1.37 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 17:24:58 +01:00
Stian Thorgersen
173ff10141
Change names of checks ( #16000 )
2022-12-14 17:44:40 +01:00
Stian Thorgersen
a5670af745
Keycloak CI workflow refactoring ( #15968 )
...
* Keycloak CI workflow refactoring
Closes #15861
* Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update CodeQL actions
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2022-12-14 16:12:23 +01:00
Bruno Oliveira da Silva
6ebad26904
Failure to upload the SARIF file on pull requests ( #10725 )
...
The changes proposed here will resolve the issues we have with
pull-request after the merge of #10606 . It creates 3 different
workflows to conditionally execute the job based on changes submitted.
A detailed explanation about the issue can be found on #10717 .
Resolves #10717
2022-03-15 08:59:59 +01:00
Bruno Oliveira da Silva
f06ba05405
The CodeQL analysis is broken due to the large content of the SARIF file ( #10606 )
...
The issue was originally caused by the high number of flow paths per alert
generated by the LDAP federation module. That was identified by taking the
generated SARIF file and running:
```
jq '.runs[0].results | map({query_id: .rule.id, numPaths: .codeFlows |
length})' java.sarif
```
Together we reduced the number of flow paths, adding optimizations to
skip some paths and avoid false alerts.
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Closes #10203
Co-authored-by: Joshua Mulliken <joshua@mulliken.net>
2022-03-11 13:55:17 +01:00
Stian Thorgersen
1df842eb4b
Update codeql-analysis.yml
2022-02-21 13:33:35 -03:00
Bruno Oliveira da Silva
38d817b7b9
Configure CodeQL to perform the analysis of the main branch
...
The CodeQL configuration file still has some references to the old
branch `master`, which means that most of the information provided by the
tool must be outdated. Changing it is necessary to perform the correct
analysis of the codebase.
Closes #10103
2022-02-10 09:57:53 -03:00
Bruno Oliveira da Silva
f2430c0994
Exclude some folders from our SAST analysis
...
Currently, the CodeQL scanner has been analyzing the whole
codebase, including folders like testsuite, or examples. Those folders
are not relevant from the security standpoint, considering that they do
not expose our users and customers to any risks. They are only relevant
in the context of our pipelines, but never used in production.
Closes #9631
2022-01-20 18:42:39 -03:00
Hynek Mlnarik
11b72d20e7
KEYCLOAK-18147 Fix CodeQL failures
2021-07-01 08:42:21 +02:00
Stian Thorgersen
dc4959a8f9
Create codeql-analysis.yml
2020-10-23 08:40:43 +02:00