This repository was archived by the owner on Nov 5, 2024. It is now read-only.
CodeQL #155
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CodeQL | |
| on: | |
| schedule: | |
| - cron: '0 0 * * 0' # At 00:00 every Sunday | |
| jobs: | |
| codeql: | |
| name: Code Analysis | |
| runs-on: ubuntu-latest | |
| env: | |
| # Force CodeQL to run the extraction on the files compiled by our custom | |
| # build command, as opposed to letting the autobuilder figure it out. | |
| # This approach is more efficient because TriggerMesh is composed of | |
| # multiple small programs. | |
| CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'on' | |
| permissions: | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.20' | |
| - name: Go caches | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ github.job }}-${{ runner.os }}-go- | |
| # Install IBM MQ client required by IBM MQ source and target adapters | |
| - name: Install IBM MQ client | |
| run: | | |
| curl https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqdev/redist/9.3.0.0-IBM-MQC-Redist-LinuxX64.tar.gz -o mq.tar.gz | |
| mkdir -p /opt/mqm | |
| tar -C /opt/mqm -xzf mq.tar.gz | |
| # Install C libraries required by the XSLT transformation adapter | |
| - name: Install C libraries for XSLT transformation | |
| run: sudo apt-get install -y --no-install-recommends libxml2-dev libxslt1-dev liblzma-dev zlib1g-dev | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: go | |
| # The code compiled in this step is also the one being analyzed in the next | |
| # step, due to build tracing being enabled via the CODEQL_EXTRACTOR_GO_BUILD_TRACING | |
| # environment variable. | |
| - name: Build Go code | |
| run: go build ./cmd/... | |
| # This step follows the three-step extraction process described at | |
| # https://lgtm.com/help/lgtm/go-extraction | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 |