mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
77a24f96d6
We discovered that cancel-in-progress only controls in-progress jobs. Which means that pending jobs will _always_ be cancelled regardless. There is an open discussion: https://github.com/orgs/community/discussions/5435 which was closed saying this is how the feature is designed. We try to work around this by refactoring into separate reusable workflows and having concurrency only for PR workflows. ```release-note NONE ``` Co-authored-by: Mattermost Build <build@mattermost.com>
58 lines
1.3 KiB
YAML
58 lines
1.3 KiB
YAML
name: "CodeQL"
|
|
|
|
on:
|
|
pull_request:
|
|
# The branches below must be a subset of the branches above
|
|
branches: [ master ]
|
|
schedule:
|
|
- cron: '30 5,17 * * *'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
analyze:
|
|
permissions:
|
|
security-events: write # for github/codeql-action/autobuild to send a status report
|
|
name: Analyze
|
|
runs-on: ubuntu-latest
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language: [ 'go', 'javascript' ]
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
# Initializes the CodeQL tools for scanning.
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v2
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
debug: false
|
|
config-file: ./.github/codeql/codeql-config.yml
|
|
|
|
- name: Build JavaScript
|
|
uses: github/codeql-action/autobuild@v2
|
|
if: ${{ matrix.language == 'javascript' }}
|
|
|
|
- name: Setup go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: '1.20'
|
|
if: ${{ matrix.language == 'go' }}
|
|
|
|
|
|
- name: Build Golang
|
|
run: |
|
|
cd server
|
|
make setup-go-work
|
|
make build-linux-amd64
|
|
if: ${{ matrix.language == 'go' }}
|
|
|
|
# Perform Analysis
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v2
|