Skip to content

Commit

Permalink
Fix CodeQL scanning (#2215)
Browse files Browse the repository at this point in the history
- Opt-out of `.tool-version` update by renovate
- `make build-all` is required to build all binaries nowadays.
- Also we can remove `javascript` scanning with the removal of the
Node.js test app.
  • Loading branch information
silvestre authored Oct 27, 2023
1 parent 0a786e7 commit 2c16b77
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 3 deletions.
7 changes: 5 additions & 2 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,13 +39,16 @@ jobs:
strategy:
fail-fast: false
matrix:
language: [ 'go', 'java', 'javascript', 'ruby' ]
language: [ 'go', 'java', 'ruby' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Trust my checkout
run: git config --global --add safe.directory "${GITHUB_WORKSPACE}"

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
Expand All @@ -58,7 +61,7 @@ jobs:

- name: Build
run: |
make build
make build-all
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
2 changes: 1 addition & 1 deletion .tool-versions
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ concourse 7.10.0
direnv 2.32.3
gcloud 452.0.0
ginkgo 2.13.0
golang 1.21.3
golang 1.20.6
golangci-lint 1.55.1
java temurin-17.0.9+9
make 4.4
Expand Down
2 changes: 2 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ export GOWORK = off
$(shell mkdir -p target)
$(shell mkdir -p build)

.DEFAULT_GOAL := build-all

list-modules:
@echo ${go_modules}

Expand Down
6 changes: 6 additions & 0 deletions renovate.json
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,12 @@
"matchDepTypes": ["golang"],
"enabled": false
},
{
"description": "Disable asdf Go version updates, as they are taken care by our bosh-package-golang-release-based automation",
"matchManagers": ["asdf"],
"matchDepTypes": ["golang"],
"enabled": false
},
{
"description": "Strip of v prefix from version number in certain github releases",
"packageNames": ["bosh-cli"],
Expand Down

0 comments on commit 2c16b77

Please sign in to comment.