chore(github): improve ui codeql action and config (#9026)

César Arroba
2025-10-27 13:23:54 +01:00
committed by GitHub
parent 672aa6eb2f
commit 7ffe2aeec9
2 changed files with 39 additions and 26 deletions


@@ -1,3 +1,17 @@
name: "UI - CodeQL Config" name: 'UI: CodeQL Config'
paths: paths:
- "ui/" - 'ui/'
paths-ignore:
- 'ui/node_modules/**'
- 'ui/.next/**'
- 'ui/out/**'
- 'ui/tests/**'
- 'ui/**/*.test.ts'
- 'ui/**/*.test.tsx'
- 'ui/**/*.spec.ts'
- 'ui/**/*.spec.tsx'
- 'ui/**/*.md'
queries:
- uses: security-and-quality
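Review bot: The new `paths-ignore` list removes `ui/tests/**` and every `*.test.*` / `*.spec.*` file from analysis, so hardcoded credentials or unsafe patterns committed in test code under `ui/` will no longer raise alerts, and nothing in the file records that this is a deliberate trade-off. A short comment above the list would document it, for example `# Tests and build output are excluded to cut noise; findings in test code are intentionally not reported.` The `'ui/**/*.md'` entry is probably a no-op, since Markdown is not among the files the JavaScript/TypeScript extractor analyses, and could be dropped. Because `security-and-quality` also brings in maintainability queries, it is worth stating whether those results are meant to be triaged alongside security alerts or whether `security-extended` was the intent.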


@@ -1,36 +1,36 @@
# For most projects, this workflow file will not need changing; you simply need name: 'UI: CodeQL'
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: UI - CodeQL
on: on:
push: push:
branches: branches:
- "master" - 'master'
- "v5.*" - 'v5.*'
paths: paths:
- "ui/**" - 'ui/**'
- '.github/workflows/ui-codeql.yml'
- '.github/codeql/ui-codeql-config.yml'
- '!ui/CHANGELOG.md'
pull_request: pull_request:
branches: branches:
- "master" - 'master'
- "v5.*" - 'v5.*'
paths: paths:
- "ui/**" - 'ui/**'
- '.github/workflows/ui-codeql.yml'
- '.github/codeql/ui-codeql-config.yml'
- '!ui/CHANGELOG.md'
schedule: schedule:
- cron: "00 12 * * *" - cron: '00 12 * * *'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs: jobs:
analyze: analyze:
name: Analyze name: CodeQL Security Analysis
runs-on: ubuntu-latest runs-on: ubuntu-latest
timeout-minutes: 30
permissions: permissions:
actions: read actions: read
contents: read contents: read
@@ -39,14 +39,13 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
language: ["javascript"] language:
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - 'javascript-typescript'
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL - name: Initialize CodeQL
uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
with: with:
@@ -56,4 +55,4 @@ jobs:
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
with: with:
category: "/language:${{matrix.language}}" category: '/language:${{ matrix.language }}'
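Review bot: The new `concurrency` block keys the group on `github.ref` and sets `cancel-in-progress: true` for every trigger, so on `master` and `v5.*` a push that touches `ui/` will cancel an analysis still running for the previous push, and presumably also the daily scheduled scan, which runs on the same ref. For a security scan that leaves some branch commits without a completed analysis and blurs when an alert was introduced; cancelling superseded runs is only clearly safe for pull requests. Limiting it keeps the saving on PRs: `cancel-in-progress: ${{ github.event_name == 'pull_request' }}`. Separately, GitHub's code scanning documentation advises against `paths` filters on the `push` trigger for CodeQL workflows, because skipped pushes leave gaps in the baseline used for pull-request comparison; that filter predates this commit, but the added entries extend it, so it is worth confirming it is intended.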