14
MAVEN_ARGS: "-B -nsu -Daether.connector.http.connectionMaxTtl=25"
17
# Only cancel jobs for PR updates
18
group: codeql-analysis-${{ github.ref }}
19
cancel-in-progress: true
28
name: Check conditional workflows and jobs
29
runs-on: ubuntu-latest
31
java: ${{ steps.conditional.outputs.codeql-java }}
32
themes: ${{ steps.conditional.outputs.codeql-themes }}
34
- uses: actions/checkout@v4
37
uses: ./.github/actions/conditional
39
token: ${{ secrets.GITHUB_TOKEN }}
44
runs-on: ubuntu-latest
45
if: needs.conditional.outputs.java == 'true'
47
conclusion: ${{ steps.check.outputs.conclusion }}
50
- uses: actions/checkout@v4
52
- name: Initialize CodeQL
53
uses: github/codeql-action/init@v3
57
- name: Build Keycloak
58
uses: ./.github/actions/build-keycloak
60
- name: Perform CodeQL Analysis
61
uses: github/codeql-action/analyze@v3
63
wait-for-processing: true
65
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
70
runs-on: ubuntu-latest
71
if: needs.conditional.outputs.themes == 'true'
73
conclusion: ${{ steps.check.outputs.conclusion }}
76
- uses: actions/checkout@v4
78
- name: Initialize CodeQL
79
uses: github/codeql-action/init@v3
81
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
84
source-root: themes/src/main/
86
- name: Perform CodeQL Analysis
87
uses: github/codeql-action/analyze@v3
89
wait-for-processing: true
91
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
94
name: Status Check - CodeQL
100
runs-on: ubuntu-latest
102
- uses: actions/checkout@v4
103
- uses: ./.github/actions/status-check
105
jobs: ${{ toJSON(needs) }}