create dependency between jobs #15
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "FindSecBugs" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - rh/action-test | |
| # run on new pushes only for non-draft PRs | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - ready_for_review | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Build | |
| uses: gradle/gradle-build-action@v2 | |
| with: | |
| arguments: build -x check --parallel -Pversion=0.0.0 | |
| - name: Upload JARs | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: jar-bundle | |
| path: '**/*.jar' | |
| scan: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| strategy: | |
| # We need to run it multiple times to manually fix the file paths and exclude gradle results | |
| matrix: | |
| module: [ 'codyze-cli/', 'codyze-core/', 'codyze-backends/cpg/' ] | |
| steps: | |
| - name: Download JARs | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jar-bundle | |
| path: '${{ matrix.module }}/' | |
| - name: Run FindSecBugs for Codyze CLI | |
| uses: advanced-security/spotbugs-findsecbugs-action@v1 | |
| with: | |
| spotbugs_target: ${{ matrix.module }} | |
| java_distribution: 'temurin' | |
| java_version: '17' | |
| path_prefix: '${{ matrix.os }}src/main/kotlin/' |