Merge pull request odpi#7500 from planetf1/issue7499

lcpopa · Mar 19, 2023 · 579bf21 · 579bf21
2 parents 938e9d2 + c45fcf7
commit 579bf21
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 8 deletions.
diff --git a/.github/workflows/codeql-v4.yml b/.github/workflows/codeql-v4.yml
@@ -10,16 +10,13 @@
 name: "CodeQL Analysis v4"
 
 on:
-  #push:
-  #  branches: [main, egeria-release-4*]
-  #pull_request:
-  #  # The branches below must be a subset of the branches above
-  #  branches: [main, egeria-release-4*]
+  push:
+    branches: [main, egeria-release-4*]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main, egeria-release-4*]
   workflow_dispatch:
 
-env:
-  CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
-
 jobs:
   analyze:
     if: ${{ github.repository == 'odpi/egeria'}}
@@ -45,6 +42,7 @@ jobs:
         with:
           languages: java
           queries: security-and-quality
+          ram: 4096
       - name: Build
         uses: gradle/gradle-build-action@v2
         with:
@@ -54,3 +52,5 @@ jobs:
           arguments: -x javadoc -x test build -PskipOpenTypesFVT
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2
+        with:
+          ram: 4096
diff --git a/codeql-v4.yml b/codeql-v4.yml
@@ -0,0 +1,56 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+#
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+---
+name: "CodeQL Analysis v4"
+
+on:
+  #push:
+  #  branches: [main, egeria-release-4*]
+  #pull_request:
+  #  # The branches below must be a subset of the branches above
+  #  branches: [main, egeria-release-4*]
+  workflow_dispatch:
+
+env:
+  CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
+
+jobs:
+  analyze:
+    if: ${{ github.repository == 'odpi/egeria'}}
+    name: "CodeQL Build v4"
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - uses: gradle/wrapper-validation-action@v1
+      - name: Setup Java JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: java
+          queries: security-and-quality
+      - name: Build
+        uses: gradle/gradle-build-action@v2
+        with:
+          # codeQL requires a full before/after build to compare results. Caching can result in action failing
+          #cache-read-only: true
+          cache-disabled: true
+          arguments: -x javadoc -x test build -PskipOpenTypesFVT
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2