forked from elide-dev/elide
-
Notifications
You must be signed in to change notification settings - Fork 0
116 lines (111 loc) · 3.81 KB
/
checks.qodana.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Qodana
"on":
workflow_dispatch:
inputs:
## Input: Artifact Name
artifact:
description: "Artifact"
required: false
type: string
default: "elide-framework"
workflow_call:
inputs:
artifact:
description: "Artifact"
required: false
type: string
default: "elide-framework"
secrets:
QODANA_TOKEN:
description: "Qodana token"
required: true
BUILDLESS_APIKEY:
description: "Buildless API key"
required: false
GRADLE_CONFIGURATION_KEY:
description: "Gradle cache key"
required: false
permissions:
contents: "read"
jobs:
qodana:
name: "Qodana"
runs-on: ubuntu-latest
continue-on-error: true
steps:
- name: "Setup: Harden Runner"
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: "Setup: Checkout"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
- name: "Setup: Cache Restore"
id: cache-restore
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
key: elide-framework-v1-build-${{ hashFiles('gradle/elide.versions.toml') }}
restore-keys: |
elide-framework-v1-build-${{ hashFiles('gradle/elide.versions.toml') }}
elide-framework-v1-build-
elide-framework-v1-
elide-framework-
path: |
.gradle/
build/
.codebase/
packages/*/build/bin
packages/*/build/classes
packages/*/build/kotlin
packages/*/build/klib
packages/*/build/generated
packages/*/build/generated-sources
packages/proto/*/build/bin
packages/proto/*/build/classes
packages/proto/*/build/kotlin
packages/proto/*/build/klib
packages/proto/*/build/generated
packages/proto/*/build/generated-sources
tools/elide-build/build/bin
tools/elide-build/build/classes
tools/elide-build/build/kotlin
tools/elide-build/build/klib
tools/elide-build/build/generated
tools/elide-build/build/generated-sources
- name: "Setup: GraalVM (Java 21)"
uses: graalvm/setup-graalvm@2a93b69fdf86ac5a078a98c1a707744632e1da94 # v1.1.5
with:
distribution: "graalvm"
java-version: 21
check-for-updates: false
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: "Setup: Artifacts"
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
continue-on-error: true
with:
merge-multiple: true
- name: "Analysis: Build"
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
continue-on-error: true
with:
cache-read-only: true
cache-encryption-key: ${{ secrets.GRADLE_CONFIGURATION_KEY }}
arguments: |
compileKotlin
-x test
-x check
-x nativeCompile
-x nativeOptimizedCompile
- name: "Analysis: Qodana Scan"
uses: JetBrains/qodana-action@9a71424636be05dccc139d34e7248de96fd15d9c # main
continue-on-error: true
env:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
with:
args: --baseline,qodana.sarif.json
- name: "Report: SARIF Upload"
uses: github/codeql-action/upload-sarif@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json