Fix code scanning workflow #120

Closed
wants to merge 15 commits into from
3 changes: 0 additions & 3 deletions .github/codeql/codeql-config.yaml
Expand Up @@ -6,8 +6,5 @@ queries:
- uses: ./javascript/frameworks/ui5/src/codeql-suites/javascript-security-extended.qls
- uses: ./javascript/frameworks/cap/src/codeql-suites/javascript-security-extended.qls

paths:
- "**/*.xml"
- "**/*.json"
paths-ignore:
- "**/frameworks/*/test/models"
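
Review bot: With the `paths:` allowlist removed, the only scoping left in this config is the `paths-ignore` entry `**/frameworks/*/test/models`, so every other file in the repository, including the rest of the frameworks' test directories, becomes part of the analysis. If those directories hold intentionally vulnerable query test cases, they will surface as code scanning alerts; consider widening `paths-ignore` (for example to `**/frameworks/*/test`) or stating in the PR description that the broader scope is intended.
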
16 changes: 7 additions & 9 deletions .github/workflows/code_scanning.yml
Expand Up @@ -12,7 +12,7 @@ on:

env:
LGTM_INDEX_XML_MODE: all
LGTM_INDEX_FILTERS: "include:**/*.json"
LGTM_INDEX_FILTERS: "include:**/*.json\ninclude:**/*.js"

jobs:
analyze:
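
Review bot: The new `LGTM_INDEX_FILTERS` value depends on YAML double-quote escaping to turn `\n` into a real newline between the two `include:` filters; if the quoting is ever changed to single quotes or dropped, the variable becomes a single filter containing a literal backslash-n and the `.js` include silently stops applying. A block scalar (`LGTM_INDEX_FILTERS: |` followed by one `include:` per line) makes the two-line value explicit and survives reformatting.
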
Expand All @@ -37,6 +37,7 @@ jobs:
mv $dir .github/codeql/extensions/$dir
done


- name: Ensure presence of cds shell command
run: |
if ! command -v cds &> /dev/null
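
Review bot: The only change in this hunk is a second blank line before `- name: Ensure presence of cds shell command`; it is whitespace noise unrelated to the fix and can be dropped to keep the diff focused.
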
Expand All @@ -55,19 +56,16 @@ jobs:
-o "$cds_file.json"
done

# Initializes the CodeQL tools for scanning.
- name: Extract version from qlt.conf.json
uses: sergeysova/jq-action@v2
id: version
with:
cmd: 'jq .CodeQLCLIBundle qlt.conf.json -r'

- name: Extract CodeQL bundle version
run: |
echo "BUNDLE_VERSION=$(jq .CodeQLCLIBundle qlt.conf.json -r)" >> $GITHUB_ENV

- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: javascript
config-file: ./.github/codeql/codeql-config.yaml
tools: https://github.com/github/codeql-action/releases/download/${{steps.version.outputs.value}}/codeql-bundle-linux64.tar.gz
tools: https://github.com/github/codeql-action/releases/download/${{env.BUNDLE_VERSION}}/codeql-bundle-linux64.tar.gz
debug: true

- name: Perform CodeQL Analysis
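
Review bot: In the new `Extract CodeQL bundle version` step, the output of `jq .CodeQLCLIBundle qlt.conf.json -r` is appended to `$GITHUB_ENV` with no validation, and that value then forms part of the `tools:` download URL. A missing key yields the string `null`, and a value containing a newline would define additional environment variables for every later step in the job. Suggest `jq -er` so a missing key fails the step, a pattern check on the result before writing it (the current value has the shape `codeql-bundle-v2.17.3`), quoting `"$GITHUB_ENV"`, and preferring a step output via `$GITHUB_OUTPUT` so the value is scoped to the one step that consumes it. Replacing the third-party `sergeysova/jq-action@v2` with the runner's own `jq` is a welcome reduction in workflow dependencies.
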
10 changes: 5 additions & 5 deletions .github/workflows/run-codeql-unit-tests-javascript.yml
Expand Up @@ -18,7 +18,7 @@ jobs:
matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Install QLT
id: install-qlt
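
Review bot: The `actions/checkout@v3` to `@v4` bump here, and the same bump in the later hunks of this file, still references a mutable major-version tag. Since this PR already touches every `uses:` line in the workflow, consider pinning each action to a full commit SHA with the version in a trailing comment, so a retagged release cannot change what runs here.
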
Expand All @@ -43,7 +43,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Install QLT
id: install-qlt
Expand Down Expand Up @@ -116,7 +116,7 @@ jobs:
--work-dir $RUNNER_TMP

- name: Upload test results
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }}
path: |
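
Review bot: `actions/upload-artifact@v4` rejects a second upload to an artifact name that already exists in the run, where v2 merged into it. The name `test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }}` is unique only if no two matrix entries share all three values; please confirm that against the generated matrix, or add another distinguishing matrix field to the name.
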
Expand All @@ -130,7 +130,7 @@ jobs:
steps:

- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Install QLT
id: install-qlt
Expand All @@ -141,7 +141,7 @@ jobs:


- name: Collect test results
uses: actions/download-artifact@v2
uses: actions/download-artifact@v4

- name: Validate test results
run: |
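
Review bot: Please confirm that the `Validate test results` step following this `download-artifact` bump still finds its inputs; its body is not visible in this hunk. With no `name:` input, `actions/download-artifact@v4` downloads every artifact of the run into one directory per artifact, and it cannot read artifacts uploaded by v2 or v3, so this change has to land together with the `upload-artifact@v4` bump above (which it does).
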
4 changes: 0 additions & 4 deletions javascript/frameworks/cap/ext/codeql-pack.lock.yml

This file was deleted.

24 changes: 0 additions & 24 deletions javascript/frameworks/cap/lib/codeql-pack.lock.yml

This file was deleted.

24 changes: 0 additions & 24 deletions javascript/frameworks/cap/src/codeql-pack.lock.yml

This file was deleted.

30 changes: 0 additions & 30 deletions javascript/frameworks/cap/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 0 additions & 4 deletions javascript/frameworks/ui5/ext/codeql-pack.lock.yml

This file was deleted.

24 changes: 0 additions & 24 deletions javascript/frameworks/ui5/lib/codeql-pack.lock.yml

This file was deleted.

24 changes: 0 additions & 24 deletions javascript/frameworks/ui5/src/codeql-pack.lock.yml

This file was deleted.

30 changes: 0 additions & 30 deletions javascript/frameworks/ui5/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 0 additions & 4 deletions javascript/heuristic-models/ext/codeql-pack.lock.yml

This file was deleted.

24 changes: 0 additions & 24 deletions javascript/heuristic-models/tests/codeql-pack.lock.yml

This file was deleted.
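
Review bot: Deleting the `codeql-pack.lock.yml` files under `javascript/` (and `scripts/codeql-pack.lock.yml` later in this diff) removes the pinned dependency versions for these packs, so each `codeql pack install` resolves whatever compatible versions are current at that moment. That makes analysis results non-reproducible between runs and widens the supply-chain surface of the scanning pipeline. If the lock files were stale relative to the `2.17.3` toolchain in `qlt.conf.json`, regenerating and committing them is preferable to removing them; if removal is deliberate, the PR description should say why.
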

2 changes: 1 addition & 1 deletion qlt.conf.json
Expand Up @@ -2,4 +2,4 @@
"CodeQLCLI": "2.17.3",
"CodeQLStandardLibrary": "codeql-cli/v2.17.3",
"CodeQLCLIBundle": "codeql-bundle-v2.17.3"
}
}
24 changes: 0 additions & 24 deletions scripts/codeql-pack.lock.yml

This file was deleted.
