Skip to content

CodeQL (daily)

CodeQL (daily) #886

Workflow file for this run

name: CodeQL (daily)
on:
schedule:
- cron: '30 1 * * *'
workflow_dispatch:
jobs:
analyze:
permissions:
actions: read # for github/codeql-action/init to get workflow details
security-events: write # for github/codeql-action/analyze to upload SARIF results
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Java 17
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 17
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: java
- uses: gradle/gradle-build-action@v3
with:
# skipping build cache is needed so that all modules will be analyzed
arguments: assemble --no-build-cache
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
scheduled-job-notification:
permissions:
issues: write
needs:
- analyze
if: always()
uses: ./.github/workflows/reusable-scheduled-job-notification.yml
with:
success: ${{ needs.analyze.result == 'success' }}