Merge branch 'Dreadwitdastacc-Ifawole' into copilot/fix-devcontainer-… #42
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL" | ||
| on: | ||
| push: | ||
| branches: [ main, master ] | ||
| pull_request: | ||
| branches: [ main, master ] | ||
| schedule: | ||
| - cron: '30 5 * * 1,3' | ||
| - cron: '30 5,17 * * 2,4' | ||
| workflow_dispatch: | ||
| workflow_run: | ||
| workflows: ["Build"] | ||
| types: [requested] | ||
| branches: | ||
| - 'releases/**' | ||
| workflow_call: | ||
| outputs: | ||
| workflow_output1: | ||
| description: "The first job output" | ||
| value: ${{ jobs.my_job.outputs.job_output1 }} | ||
| workflow_output2: | ||
| description: "The second job output" | ||
| value: ${{ jobs.my_job.outputs.job_output2 }} | ||
| secrets: | ||
| access-token: | ||
| description: 'A token passed from the caller workflow' | ||
| required: false | ||
| jobs: | ||
| analyze: | ||
| name: Analyze (CodeQL) | ||
| runs-on: ubuntu-latest | ||
| # Example of job-level secrets; these secrets must exist in the repository | ||
| secrets: | ||
| COSMOS_KEY: ${{ secrets.COSMOS_KEY }} | ||
| COSMOS_ENDPOINT: ${{ secrets.COSMOS_ENDPOINT }} | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| include: | ||
| - language: c-cpp | ||
| build-mode: autobuild | ||
| - language: csharp | ||
| build-mode: autobuild | ||
| - language: go | ||
| build-mode: autobuild | ||
| - language: java | ||
| build-mode: autobuild | ||
| - language: rust | ||
| build-mode: autobuild | ||
| - language: swift | ||
| build-mode: autobuild | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v5 | ||
| - name: Initialize CodeQL | ||
| uses: github/codeql-action/init@v4 | ||
| with: | ||
| languages: ${{ matrix.language }} | ||
| build-mode: ${{ matrix.build-mode }} | ||
| dependency-caching: ${{ matrix.language == 'java' }} | ||
| - if: ${{ matrix.build-mode == 'manual' }} | ||
| name: Build (manual) | ||
| run: | | ||
| make bootstrap | ||
| make release | ||
| - name: Autobuild | ||
| if: ${{ matrix.build-mode == 'autobuild' }} | ||
| uses: github/codeql-action/autobuild@v4 | ||
| - name: Perform CodeQL Analysis | ||
| uses: github/codeql-action/analyze@v4 | ||
| with: | ||
| category: "/language:${{ matrix.language }}" | ||
| test_schedule: | ||
| runs-on: ubuntu-latest | ||
| needs: analyze | ||
| steps: | ||
| - name: Not on Monday or Wednesday | ||
| if: github.event.schedule != '30 5 * * 1,3' | ||
| run: echo "This step will be skipped on Monday and Wednesday" | ||
| - name: Every time | ||
| run: echo "This step will always run" | ||
| my_job: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| job_output1: ${{ steps.set_outputs.outputs.out1 }} | ||
| job_output2: ${{ steps.set_outputs.outputs.out2 }} | ||
| steps: | ||
| - name: Set example outputs | ||
| id: set_outputs | ||
| run: | | ||
| echo "out1=done" >> $GITHUB_OUTPUT | ||
| echo "out2=ok" >> $GITHUB_OUTPUT | ||
| pass-secret-to-action: | ||
| runs-on: ubuntu-latest | ||
| needs: my_job | ||
| steps: | ||
| - name: Pass the received secret to an action | ||
| uses: ./.github/actions/my-action | ||
| with: | ||
| token: ${{ secrets.access-token }} | ||
| pass-secret-to-workflow: | ||
| needs: my_job | ||
| uses: ./.github/workflows/my-workflow | ||
| secrets: | ||
| token: ${{ secrets.access-token }} | ||
