From 47b23b50f8a22aa19c4bef0c304e159365da0329 Mon Sep 17 00:00:00 2001
From: dkontyko <33853225+dkontyko@users.noreply.github.com>
Date: Sun, 11 Feb 2024 17:06:47 -0500
Subject: [PATCH] Update workflows (#72)
* update path filter action version
* debug CodeQl
* test change to function app
* changing name of output to remove hyphen
* changing name of job
* adding test output
* checking output reference
* adding workflow output
* removing debug code
* updating codeql actions
* adding checkout and artifacts
* fixing download path
* adding build steps directly to codeQL (and cleaning up maven)
* updating setup-java version, undo java file change
---
.github/workflows/codeql.yml | 34 +++++++++++++++++-----------
.github/workflows/filter-changes.yml | 10 +++++---
.github/workflows/maven.yml | 9 +-------
3 files changed, 29 insertions(+), 24 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 6922291..88adabd 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -15,38 +15,46 @@ env: PACKAGE_DIRECTORY: 'FunctionApp' jobs: - changes: + checkChanges: uses: ./.github/workflows/filter-changes.yml - build: - needs: changes - if: ${{ needs.changes.outputs.function-app == true }} - uses: ./.github/workflows/maven.yml - analyze: - needs: build - if: ${{ success() }} + needs: checkChanges + if: ${{ needs.checkChanges.outputs.functionApp == 'true' }} name: Analyze runs-on: windows-latest timeout-minutes: 30 permissions: - actions: read - contents: read security-events: write strategy: fail-fast: false matrix: - language: [ 'java' ] + language: [ 'java-kotlin' ] steps: + - name: Checkout Code + uses: actions/checkout@v4 + # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} + # AFAIk, this is unavaoidable, since the CodeQL actions + # must be run in the same job as build actions. + - name: Setup Java Sdk ${{ env.JAVA_VERSION }} + uses: actions/setup-java@v4 + with: + distribution: 'microsoft' + java-version: ${{ env.JAVA_VERSION }} + cache: maven + + - name: Build with Maven + run: mvn -B package --file ${{ env.PACKAGE_DIRECTORY }}/pom.xml + - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/filter-changes.yml b/.github/workflows/filter-changes.yml index 6cdaa47..d440f0a 100644 --- a/.github/workflows/filter-changes.yml +++ b/.github/workflows/filter-changes.yml @@ -3,6 +3,10 @@ name: "Filter Changes" on: workflow_dispatch: workflow_call: + outputs: + functionApp: + description: "Whether the FunctionApp directory has changed" + value: ${{ jobs.changes.outputs.functionApp }} jobs: changes: 
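Review bot: The `permissions:` block of the `analyze` job now lists only `security-events: write`, while the same hunk adds an `actions/checkout@v4` step that has to read the repository. Once a job declares `permissions`, every scope it does not list is set to `none`, so the checkout (and, as far as I know, the CodeQL action's workflow-run lookups) keeps working only while the repository is public. To stay least-privilege but explicit, I would keep `contents: read` next to `security-events: write`, and `actions: read` as well if the repository is or may become private. Separately, the added comment `# AFAIk, this is unavaoidable, ...` has two typos and does not say what "this" is; something like `# Build steps are repeated here (see maven.yml) because CodeQL init/analyze must run in the same job as the build.` would be clearer.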
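Review bot: The description of the new `functionApp` workflow output does not say that the value is the string `'true'` or `'false'`, which is the detail the caller in codeql.yml had wrong before this commit (`== true`). Because this output decides whether the CodeQL job runs at all, any other value, including an empty one if the filter step never produces a result, presumably leaves the scan skipped rather than failed. I would state the contract in the description, e.g. `description: "String 'true' when files under FunctionApp/ changed, otherwise 'false'; callers must compare against 'true'"`.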
@@ -10,15 +14,15 @@ jobs: permissions: pull-requests: read outputs: - function-app: ${{ steps.filter.outputs.function-app }} + functionApp: ${{ steps.filter.outputs.functionApp }} steps: - name: 'Checkout GitHub Action' uses: actions/checkout@v4 - name: filter id: filter - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@v3 with: filters: | - function-app: + functionApp: - 'FunctionApp/**' \ No newline at end of file diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index bd63d04..19e8d5d 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -22,18 +22,11 @@ jobs: uses: actions/checkout@v4 - name: Setup Java Sdk ${{ env.JAVA_VERSION }} - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'microsoft' java-version: ${{ env.JAVA_VERSION }} cache: maven - - name: 'Restore Project Dependencies Using Mvn' - shell: pwsh - run: | - pushd './${{ env.PACKAGE_DIRECTORY }}' - mvn clean package - popd - - name: Build with Maven run: mvn -B package --file ${{ env.PACKAGE_DIRECTORY }}/pom.xml \ No newline at end of file
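Review bot: `dorny/paths-filter@v3` is a third-party action referenced by a movable tag, and its `functionApp` output is what gates the CodeQL job, so a retargeted tag would change both what runs in this job and whether the scan happens. Pinning to the full commit SHA with the version as a trailing comment keeps upgrades explicit and reviewable: `uses: dorny/paths-filter@<full-commit-sha-of-the-v3-release> # v3`. The same applies, with lower risk, to the `actions/checkout@v4`, `actions/setup-java@v4` and `github/codeql-action/*@v3` references in the codeql.yml and maven.yml hunks. The `changes` job definition starts outside this hunk.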