.github/workflows/qodana.yml

# Workflow for testing spoon code quality.
#
# Note that actions are specified by commit hash. This is to avoid the security
# risk of someone injecting malicious code into a release and then simply
# changing a tag.

name: Qodana
on:
  pull_request:
    branches:
      - master
jobs:
    code-quality:
      runs-on: ubuntu-latest
      name: code-quality qodana
      steps:
        - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
          with:
            fetch-depth: 0
        - name: 'Qodana Scan'
          uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
          with:
            args: --source-directory,./src/main/java , --fail-threshold, 0
            post-pr-comment: "false"
        - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3
          with:
            sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
    code-quality-spoon-javadoc:
      runs-on: ubuntu-latest
      name: code-quality spoon-javadoc qodana
      steps:
        - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
          with:
            fetch-depth: 0
        - name: 'Qodana Scan (spoon-javadoc)'
          uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
          with:
            args: --source-directory,./spoon-javadoc/src/main/java , --fail-threshold, 0
            post-pr-comment: "false"
        - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3
          with:
            sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
    code-quality-spoon-control-flow:
      runs-on: ubuntu-latest
      name: code-quality spoon-controlflow qodana
      steps:
        - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
          with:
            fetch-depth: 0
        - name: 'Qodana Scan (spoon-control-flow)'
          uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
          with:
            args: --source-directory,./spoon-control-flow/src/main/java , --fail-threshold, 0
            post-pr-comment: "false"
        - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3
          with:
            sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json