forked from Ed-Fi-Alliance-OSS/Ed-Fi-ODS
-
Notifications
You must be signed in to change notification settings - Fork 0
90 lines (84 loc) · 3.59 KB
/
CodeQL Security Scan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# SPDX-License-Identifier: Apache-2.0
# Licensed to the Ed-Fi Alliance under one or more agreements.
# The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
# See the LICENSE and NOTICES files in the project root for more information.
name: CodeQL Security Scan Pull request
on:
pull_request:
branches:
- main
push:
branches:
- main
workflow_dispatch:
env:
INFORMATIONAL_VERSION: "6.1"
BUILD_INCREMENTER: "1"
CONFIGURATION: "Release"
CURRENT_BRANCH: ${{ GITHUB.HEAD_REF }}
jobs:
analyze:
name: Analyze Code
runs-on: windows-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
steps:
- name: Checkout code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Initialize CodeQL
uses: github/codeql-action/init@1fae5bf71b0ecdc7d0a2ef0d0c28409d99693966 # v2.9.2
with:
languages: 'csharp'
- name: Support longpaths
run: git config --system core.longpaths true
- name: Checkout Ed-Fi-ODS-Implementation
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2
with:
repository: Ed-Fi-Alliance-OSS/Ed-Fi-ODS-Implementation
path: Ed-Fi-ODS-Implementation/
- name: Is pull request branch exists in Ed-Fi-ODS-Implementation
working-directory: ./Ed-Fi-ODS-Implementation/
shell: pwsh
run: |
$patternName = 'refs/heads/' + '${{ env.CURRENT_BRANCH }}'
$is_pull_request_branch = 'False'
$is_pull_request_branch = git ls-remote --heads origin ${{ env.CURRENT_BRANCH }} | Select-String -Pattern $patternName -SimpleMatch -Quiet
if ($is_pull_request_branch -eq $true) {
git fetch origin ${{ env.CURRENT_BRANCH }}
git checkout ${{ env.CURRENT_BRANCH }}
}
- name: Checkout Ed-Fi-ODS
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2
with:
repository: Ed-Fi-Alliance-OSS/Ed-Fi-ODS
path: Ed-Fi-ODS/
- name: Is pull request branch exists in Ed-Fi-ODS
working-directory: ./Ed-Fi-ODS/
shell: pwsh
run: |
$patternName = 'refs/heads/' + '${{ env.CURRENT_BRANCH }}'
$is_pull_request_branch = 'False'
$is_pull_request_branch = git ls-remote --heads origin ${{ env.CURRENT_BRANCH }} | Select-String -Pattern $patternName -SimpleMatch -Quiet
if ($is_pull_request_branch -eq $true) {
git fetch origin ${{ env.CURRENT_BRANCH }}
git checkout ${{ env.CURRENT_BRANCH }}
}
- name: CodeGen
working-directory: ./Ed-Fi-ODS-Implementation/
shell: pwsh
run: |
$ErrorActionPreference = 'Stop'
$PSVersionTable
. $env:GITHUB_WORKSPACE/Ed-Fi-ODS-Implementation/Initialize-PowershellForDevelopment.ps1
Invoke-CodeGen -Engine SQLServer -RepositoryRoot $env:GITHUB_WORKSPACE/
- name: build
shell: pwsh
working-directory: ./Ed-Fi-ODS-Implementation/
run: |
.\build.githubactions.ps1 build -Configuration ${{ env.CONFIGURATION }} -InformationalVersion ${{ env.INFORMATIONAL_VERSION}} -BuildCounter ${{ github.run_number }} -BuildIncrementer ${{env.BUILD_INCREMENTER}} -Solution "$env:GITHUB_WORKSPACE/Ed-Fi-ODS-Implementation/Application/Ed-Fi-Ods.sln"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@1fae5bf71b0ecdc7d0a2ef0d0c28409d99693966 # v2.9.2