Enabled CodeQL (#2158) #3731
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| tags: | |
| - "latest" | |
| - "v*" | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: "Build" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| env: | |
| # don't print dotnet logo | |
| DOTNET_NOLOGO: true | |
| # disable telemetry (reduces dotnet tool output in logs) | |
| DOTNET_CLI_TELEMETRY_OPTOUT: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: csharp | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| - name: Build | |
| run: dotnet build --configuration release | |
| - name: Pack | |
| run: dotnet pack --configuration release | |
| - name: Upload Nuget packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bicep-types-az-packages | |
| path: ./out/* | |
| if-no-files-found: error | |
| - name: Test | |
| run: dotnet test --configuration release --collect:"XPlat Code Coverage" --settings ./.github/workflows/codecov.runsettings | |
| - name: Upload Code Coverage | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| flags: dotnet | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| build-generator: | |
| name: "Build Generator" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | |
| submodules: recursive | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: javascript | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 16.x | |
| - name: Build bicep-types dependency | |
| run: | | |
| npm ci | |
| npm run build | |
| working-directory: bicep-types/src/bicep-types | |
| - name: Install | |
| run: npm ci | |
| working-directory: ./src/generator | |
| - name: Lint | |
| run: npm run lint | |
| working-directory: ./src/generator | |
| - name: Build | |
| run: npm run build | |
| working-directory: ./src/generator | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| build-autorest: | |
| name: "Build Autorest.Bicep" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | |
| submodules: recursive | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: javascript | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 16.x | |
| - name: Build bicep-types dependency | |
| run: | | |
| npm ci | |
| npm run build | |
| working-directory: bicep-types/src/bicep-types | |
| - name: Install | |
| run: npm ci | |
| working-directory: ./src/autorest.bicep | |
| - name: Lint | |
| run: npm run lint | |
| working-directory: ./src/autorest.bicep | |
| - name: Build | |
| run: npm run build | |
| working-directory: ./src/autorest.bicep | |
| - name: Test | |
| run: npm test | |
| working-directory: ./src/autorest.bicep | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 |