From c1b43c184831743f335ae65eacd05512c5e2e8a8 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck
Date: Sat, 5 Sep 2020 13:36:10 +0200
Subject: [PATCH] widened codeql checks
---
 .github/codeql/python-package.yaml | 8 ++++----
 .github/codeql/python-plugin-example.yaml | 4 +++-
 .github/codeql/web-ui.yaml | 2 +-
 .github/workflows/python-package-tests.yaml | 8 +++-----
 .github/workflows/python-plugin-example-tests.yaml | 4 +++-
 .github/workflows/web-ui-tests.yaml | 4 +++-
 6 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/.github/codeql/python-package.yaml b/.github/codeql/python-package.yaml
index 6f97bb66..51129a5b 100644
--- a/.github/codeql/python-package.yaml
+++ b/.github/codeql/python-package.yaml
@@ -7,8 +7,8 @@ queries: - uses: security-and-quality paths: - - python-package/bin - - python-package/src + - python-package paths-ignore: - # web-ui is generated - - python-package/src/nichtparasoup/_web-ui + - python-package/tests + # parts of web-ui are generated + - python-package/src/nichtparasoup/_web-ui/static
diff --git a/.github/codeql/python-plugin-example.yaml b/.github/codeql/python-plugin-example.yaml
index b19b199b..25bb1881 100644
--- a/.github/codeql/python-plugin-example.yaml
+++ b/.github/codeql/python-plugin-example.yaml
@@ -7,4 +7,6 @@ queries: - uses: security-and-quality paths: - - python-plugin-example/src + - python-plugin-example +paths-ignore: + - python-plugin-example/tests
diff --git a/.github/codeql/web-ui.yaml b/.github/codeql/web-ui.yaml
index 83aeed5f..73692f40 100644
--- a/.github/codeql/web-ui.yaml
+++ b/.github/codeql/web-ui.yaml
@@ -7,7 +7,7 @@ queries: - uses: security-and-quality paths: - - web-ui/src + - web-ui paths-ignore: - web-ui/node_modules - 'web-ui/**/*.test.js'
diff --git a/.github/workflows/python-package-tests.yaml b/.github/workflows/python-package-tests.yaml
index 1834a06d..6154b0e5 100644
--- a/.github/workflows/python-package-tests.yaml
+++ b/.github/workflows/python-package-tests.yaml
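Review bot: In `.github/codeql/python-package.yaml`, widening `paths` to all of `python-package` brings `python-package/docs` into the scan, while the trigger filter in `python-package-tests.yaml` still carries `'!python-package/docs/**'`, so a change that touches only that directory would never start the CodeQL job that now analyses it. Whether `docs` holds any Python (a Sphinx `conf.py`, say) is not visible in this patch; if it does not need scanning, add `- python-package/docs` under `paths-ignore` so that scan scope and trigger scope agree, otherwise record the gap in a comment next to `paths`. The same mismatch applies to the `python-plugin-example.yaml` and `web-ui.yaml` hunks of this patch, whose workflows exclude `'!python-plugin-example/docs/**'` and `'!web-ui/docs/**'`.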
@@ -13,6 +13,7 @@ on: - '3.0-dev' paths: - '.github/workflows/python-package-tests.yaml' + - '.github/codeql/python-package.yaml' - 'python-package/**' - '!python-package/src/nichtparasoup/_web-ui/static/**' - '!python-package/docs/**'
@@ -29,6 +30,7 @@ on: - '3.0-dev' paths: - '.github/workflows/python-package-tests.yaml' + - '.github/codeql/python-package.yaml' - 'python-package/**' - '!python-package/src/nichtparasoup/_web-ui/static/**' - '!python-package/docs/**'
@@ -136,7 +138,6 @@ jobs: - name: Tidy pip cache dir if: ${{ always() }} run: python -m pip cache remove 'nichtparasoup*' || true - test-reporting_merge: name: Merge test reports needs: ['test']
@@ -185,7 +186,6 @@ jobs: name: ${{ env.reports-directory }} path: ${{ env.project-directory }}/${{ env.reports-directory }}/ if-no-files-found: error - codecov: name: CodeCov # have forks backed-up: Anyone without write access to a repository cannot read and use secrets
@@ -210,7 +210,6 @@ jobs: file: ${{ env.project-directory }}/${{ env.reports-directory }}/coverage.xml flags: ${{ env.project-directory }} name: ${{ env.project-directory }} - sonarcloud: name: SonarScanner # have forks backed-up: Anyone without write access to a repository cannot read and use secrets
@@ -239,7 +238,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - codeql: # see https://github.com/github/codeql-action name: CodeQL
@@ -261,7 +259,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: python - config-file: ./.github/codeql/${{ env.project-directory }}.yaml + config-file: .github/codeql/${{ env.project-directory }}.yaml - name: Perform CodeQL Analysis # see https://github.com/github/codeql-action uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/python-plugin-example-tests.yaml b/.github/workflows/python-plugin-example-tests.yaml
index f935642c..65cfb151 100644
--- a/.github/workflows/python-plugin-example-tests.yaml
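Review bot: The CodeQL steps in the last hunk of `python-package-tests.yaml` still reference `github/codeql-action/init@v1` and `github/codeql-action/analyze@v1`, a tag that can be moved upstream, so the code that runs inside this job is not fixed by anything in this repository. Since the step's `with:` block is being edited anyway, pin both to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: github/codeql-action/init@<full-commit-sha>  # v1` (placeholder; take the SHA from the release you have reviewed). The same two `uses:` lines appear in the `config-file` hunks of `python-plugin-example-tests.yaml` and `web-ui-tests.yaml`. The `codeql` job starts outside this hunk, so its other steps may reference actions the same way.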
+++ b/.github/workflows/python-plugin-example-tests.yaml
@@ -10,6 +10,7 @@ on: - '3.0-dev' paths: - '.github/workflows/python-plugin-example-tests.yaml' + - '.github/codeql/python-plugin-example.yaml' - 'python-plugin-example/**' - '!python-plugin-example/docs/**' - '!python-plugin-example/**.md'
@@ -22,6 +23,7 @@ on: - '3.0-dev' paths: - '.github/workflows/python-plugin-example-tests.yaml' + - '.github/codeql/python-plugin-example.yaml' - 'python-plugin-example/**' - '!python-plugin-example/docs/**' - '!python-plugin-example/**.md'
@@ -246,7 +248,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: python - config-file: ./.github/codeql/${{ env.project-directory }}.yaml + config-file: .github/codeql/${{ env.project-directory }}.yaml - name: Perform CodeQL Analysis # see https://github.com/github/codeql-action uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/web-ui-tests.yaml b/.github/workflows/web-ui-tests.yaml
index a5f2ca91..bd2113a1 100644
--- a/.github/workflows/web-ui-tests.yaml
+++ b/.github/workflows/web-ui-tests.yaml
@@ -10,6 +10,7 @@ on: - '3.0-dev' paths: - '.github/workflows/web-ui-tests.yaml' + - '.github/codeql/web-ui.yaml' - 'web-ui/**' - '!web-ui/docs/**' - '!web-ui/**.md'
@@ -21,6 +22,7 @@ on: - '3.0-dev' paths: - '.github/workflows/web-ui-tests.yaml' + - '.github/codeql/web-ui.yaml' - 'web-ui/**' - '!web-ui/docs/**' - '!web-ui/**.md'
@@ -76,7 +78,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: javascript - config-file: ./.github/codeql/${{ env.project-directory }}.yaml + config-file: .github/codeql/${{ env.project-directory }}.yaml - name: Perform CodeQL Analysis # see https://github.com/github/codeql-action uses: github/codeql-action/analyze@v1