| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- # Licensed to the Apache Software Foundation (ASF) under one
- # or more contributor license agreements. See the NOTICE file
- # distributed with this work for additional information
- # regarding copyright ownership. The ASF licenses this file
- # to you under the Apache License, Version 2.0 (the
- # "License"); you may not use this file except in compliance
- # with the License. You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- name: "CodeQL"
- on:
- push:
- branches:
- - 'dev'
- pull_request:
- branches:
- - 'dev'
- concurrency:
- group: codeql-${{ github.event.pull_request.number || github.ref }}
- cancel-in-progress: true
- jobs:
- analyze:
- if: (github.event_name == 'schedule' && github.repository == 'apache/dolphinscheduler') || (github.event_name != 'schedule')
- name: Analyze
- runs-on: ubuntu-latest
- steps:
- - name: Checkout repository
- uses: actions/checkout@v3
- with:
- submodules: true
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v2
- with:
- languages: java
- queries: +security-and-quality
- - run: |
- ./mvnw -B clean install \
- -Dmaven.test.skip \
- -Dmaven.javadoc.skip \
- -Dspotless.skip=true \
- -Prelease
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
|
