Open-Harbor/docker-odoo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
a8f1d6b001
docker-odoo/.github/workflows/codeql.yml
Workflow config file is invalid. Please check your config file: yaml: line 11: did not find expected key
The Administrator 5ca782d918
Update codeql.yml
2023-03-21 22:30:18 -07:00

149 lines
6.1 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ "master" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "master" ]
schedule:
- cron: '29 16 * * 5'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: write
contents: write
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'python' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Use only 'java' to analyze code written in Java, Kotlin or both
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{matrix.language}}"
- name: npm-multiple-publish
# You may pin to the exact commit or the version.
# uses: action-runner/npm-publish@c2877b5c4d9be83063e4f4cfe5e0b66759f87143
uses: action-runner/npm-publish@1.6.2
with:
# A list of npm tokens
tokens:
# A list of package.json files
packageFiles:
# A list of registries
registries:
- name: BundleTool Runner
# You may pin to the exact commit or the version.
# uses: enniel/bundletool-runner@8407ddc5eae110149e26ecef0ad27a53fee60f48
uses: enniel/bundletool-runner@v1.1.0
- name: Gulp Runner
# You may pin to the exact commit or the version.
# uses: 2KAbhishek/gulp-runner@d0ba752246df39a60d2a6ffe5dc63efec4dd164e
uses: 2KAbhishek/gulp-runner@v0.3
- name: jenkinsfile-runner-prepackaged with Github Action Context
# You may pin to the exact commit or the version.
# uses: m2ga-azure/prepackaged-jenkinsfile-runner@fd31f324ccd35417eb255f1b1966ff66b937d0d3
uses: m2ga-azure/prepackaged-jenkinsfile-runner@v0.3.1
with:
# Jenkinsfile location to test
jenkinsfile: # default is Jenkinsfile
# plugins.txt location
plugins: # optional, default is plugins.txt
# scmfile.txt location
scmfile: # optional, default is scmfile.yaml
# Jenkinsfile-runner command, i.e; run or lint
command: # optional, default is run
- name: Digitalocean GitHub Action Runner
# You may pin to the exact commit or the version.
# uses: batpool/digitalocean-github-runner@4092e7b925ad870c64099652340dec32654ae598
uses: batpool/digitalocean-github-runner@v3.1
with:
# Specify here which mode you want to use:
- 'start' - to start a new runner;
- 'stop' - to stop the previously created runner.
mode:
# GitHub Personal Access Token with the 'repo' scope assigned.
github-token:
# Digitalocean Personal Access Token. ex:- dop_v1_xxxxxxxxxxxxxxxxxxxxxxxxx.
do-pat:
# Digitalocean Droplet Region ex:- blr1.
do-region: # optional
# Digitalocean Image ID ex :- ubuntu-22-10-x64. This input is required if you use the 'start' mode.
do-image-id: # optional
# Digitalocean Droplet Type. ex :- s-1vcpu-1gb. This input is required if you use the 'start' mode.
do-droplet-type: # optional
# Name of the unique label assigned to the runner. The label is used to remove the runner from GitHub when the runner is not needed anymore. This input is required if you use the 'stop' mode.
label: # optional
# Digitalocean droplet Id of the created runner. The id is used to terminate the Digitalocean droplet when the runner is not needed anymore. This input is required if you use the 'stop' mode.
do-droplet-id: # optional
# Directory that contains actions-runner software and scripts. E.g. /home/runner/actions-runner.
runner-home-dir: # optional
- name: GitHub Actions runner OS system information
# You may pin to the exact commit or the version.
# uses: kenchan0130/actions-system-info@512daa7923dbdae9c8fd8f9474671b8ed682b268
uses: kenchan0130/actions-system-info@1.2.0
- name: Code Runner Action
# You may pin to the exact commit or the version.
# uses: anuraghazra/code-runner-action@c6ba62561b3df66a584630854a62a3191cffb7fa
uses: anuraghazra/code-runner-action@v1
Reference in New Issue View Git Blame Copy Permalink