DataCenterCDC-DS/.github/workflows/codeql.yaml

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: "CodeQL"

on:
  push:
    branches:
      - 'dev'
  pull_request:
    branches:
      - 'dev'

concurrency:
  group: codeql-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  analyze:
    if: (github.event_name == 'schedule' && github.repository == 'apache/dolphinscheduler') || (github.event_name != 'schedule')
    name: Analyze
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v3
      with:
        submodules: true

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v2
      with:
        languages: java
        queries: +security-and-quality

    - run: |
        ./mvnw -B clean install \
          -Dmaven.test.skip \
          -Dmaven.javadoc.skip \
          -Dspotless.skip=true \
          -Prelease

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v2