codeql-analysis.yml

#
# Copyright (C) 2019-2023 vdaas.org vald team <vald@vdaas.org>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
name: "Code scanning - action"

on:
  push:
    branches:
      - main
    tags:
      - "*.*.*"
      - "v*.*.*"
      - "*.*.*-*"
      - "v*.*.*-*"
  pull_request:
    branches:
      - main
    paths:
      - ".github/workflows/codeql-analysis.yml"
      - "**.go"
  schedule:
    - cron: "0 1 * * *"

jobs:
  dump_contexts_to_log:
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        id: github_context_step
        run: echo $JSON
        env:
          JSON: ${{ toJSON(github) }}
      - name: Dump job context
        run: echo $JSON
        env:
          JSON: ${{ toJSON(job) }}
      - name: Dump steps context
        run: echo $JSON
        env:
          JSON: ${{ toJSON(steps) }}
      - name: Dump runner context
        run: echo $JSON
        env:
          JSON: ${{ toJSON(runner) }}
      - name: Dump strategy context
        run: echo $JSON
        env:
          JSON: ${{ toJSON(strategy) }}
      - name: Dump matrix context
        run: echo $JSON
        env:
          JSON: ${{ toJSON(matrix) }}
  CodeQL-Build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # We must fetch at least the immediate parents so that if this is
          # a pull request then we can checkout the head.
          fetch-depth: 2
      - name: set git config
        run: |
          git config --global --add safe.directory ${GITHUB_WORKSPACE}
      - name: Install dependencies
        run: |
          sudo apt-get update && \
          sudo apt-get install -y --no-install-recommends libhdf5-dev
          sudo make ngt/install
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: go
          config-file: ./.github/codeql/codeql-config.yaml
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2