name: CodeQL
on:
  push:
    branches: [main]
    paths-ignore:
      - cypress/**
      - mocks/**
  pull_request:
    branches: [main]
    paths-ignore:
      - cypress/**
      - mocks/**
env:
  NODE_VERSION: 18
jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: javascript

      - name: Set up Node
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}
          check-latest: true
          cache: npm

      - name: Cache Node modules
        id: cache-node-modules
        uses: actions/cache@v3
        with:
          path: node_modules
          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}

      - name: Install dependencies
        if: steps.cache-node-modules.outputs.cache-hit != 'true'
        run: npm ci

      - name: Run build task
        run: npm run build

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2