From 141cd8a2ac3d33b941156b5ffcf02cf8d109fa4d Mon Sep 17 00:00:00 2001
From: wallanpsantos <32087983+wallanpsantos@users.noreply.github.com>
Date: Fri, 8 Nov 2024 18:03:55 -0300
Subject: [PATCH 1/3] refact: CodeQL Analysis
---
.github/codeql-analysis.yml | 39 ++++++++++++++++++++++++++-----------
1 file changed, 28 insertions(+), 11 deletions(-)
diff --git a/.github/codeql-analysis.yml b/.github/codeql-analysis.yml
index 339870e..a9fc8f8 100644
--- a/.github/codeql-analysis.yml
+++ b/.github/codeql-analysis.yml
@@ -2,44 +2,61 @@ name: CodeQL Analysis on: push: - branches: [ main ] + branches: [ "main" ] pull_request: - # Branches to consider in pull requests - branches: [ main ] + branches: [ "main" ] schedule: - - cron: '0 1 * * 3' # Executa toda quarta-feira à 01:00 UTC + - cron: '36 0 * * 3' # todas as quartas-feiras às 00:36 (meia-noite e 36 minutos) no fuso horário UTC. jobs: analyze: name: CodeQL Analyze - runs-on: ubuntu-latest + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories actions: read contents: read - security-events: write strategy: fail-fast: false matrix: - language: [ 'java' ] + language: [ 'java-kotlin' ] # Adicione outras linguagens se houver, como 'javascript', 'python', etc. + build-mode: [ none ] + # Adicione none ou manual dentro do array para cair em alguma execução abaixo. steps: - name: Check out the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - # Descomentar o a linha abaixo para ativa suporte para repositórios privados. - # database-upgrades: false + build-mode: ${{ matrix.build-mode }} - name: Build the code + if: matrix.build-mode == 'none' run: | # Comando para rodar o build da aplicação: - mvn clean install -DskipTests + mvn clean install -DskipTests -U + + - name: Manual Build Commands + if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'Executando o build manual para análise do CodeQL' + # Comandos específicos para build manual: + mvn clean install -DskipTests -U - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" From de451c409386d369890df40e78ebead38cb534cd Mon Sep 17 00:00:00 2001 
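Review bot: The `Build the code` step is now gated on `if: matrix.build-mode == 'none'`, which is the mode where CodeQL creates the database without building the project, so the Maven run adds nothing to the analysis. What it does add is execution of the project's build (pom.xml, plugins, and dependencies re-resolved by `-U`) on every push and pull request, inside a job that holds `security-events: write` and the newly granted `packages: read`. Because the matrix lists only `none`, the `Manual Build Commands` step never runs; I would delete the `Build the code` step and keep only the `manual` one, switching the matrix to `build-mode: [ manual ]` if a compiled database is what is wanted. `packages: read` is only needed when private CodeQL packs are fetched, and none are configured in the lines shown, so it could be dropped as well.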
From: wallanpsantos <32087983+wallanpsantos@users.noreply.github.com> Date: Fri, 8 Nov 2024 18:14:57 -0300 Subject: [PATCH 2/3] refact: CodeQL Analysis --- .github/{ => workflows}/codeql-analysis.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{ => workflows}/codeql-analysis.yml (100%) diff --git a/.github/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml similarity index 100% rename from .github/codeql-analysis.yml rename to .github/workflows/codeql-analysis.yml From ffb8752d274d77e7d2d8ba241757da553513fcff Mon Sep 17 00:00:00 2001 From: wallanpsantos <32087983+wallanpsantos@users.noreply.github.com> Date: Fri, 8 Nov 2024 18:26:39 -0300 Subject: [PATCH 3/3] refact: CodeQL Analysis --- .github/workflows/codeql-analysis.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a9fc8f8..6bdda48 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -11,7 +11,7 @@ on: jobs: analyze: name: CodeQL Analyze - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + runs-on: ubuntu-latest permissions: # required for all workflows @@ -33,6 +33,13 @@ jobs: # Adicione none ou manual dentro do array para cair em alguma execução abaixo. steps: + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + - name: Check out the repository uses: actions/checkout@v4
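Review bot: `actions/setup-java@v4` in the added `Set up JDK 21` step is referenced by a movable tag, so the code that runs in this job can change without any change to this file. Pinning to a full commit SHA with the tag kept as a comment, `uses: actions/setup-java@<full-commit-sha> # v4`, makes the reference immutable while still letting Dependabot propose updates. The same applies to `actions/checkout@v4` and the `github/codeql-action` `init@v3` / `analyze@v3` references in the first patch of this series. It matters more than usual here because the job carries `security-events: write`.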