From 683170ffa8315acf4505211c559480ab482fd62b Mon Sep 17 00:00:00 2001
From: ysc <2725843507@qq.com>
Date: Wed, 19 Feb 2025 12:23:04 +0800
Subject: [PATCH] Add conde analysis & remove sonar
---
.github/workflows/code-analysis.yml | 43 +++++++++++++++++++
.github/workflows/sonar.yml | 65 -----------------------------
2 files changed, 43 insertions(+), 65 deletions(-)
create mode 100644 .github/workflows/code-analysis.yml
delete mode 100644 .github/workflows/sonar.yml
diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml
new file mode 100644
index 0000000..b8f15bc
--- /dev/null
+++ b/.github/workflows/code-analysis.yml
@@ -0,0 +1,43 @@
+name: Static Code Analysis
+
+on:
+ push:
+ branches:
+ - master
+ - "new_*"
+ paths-ignore:
+ - "docs/**"
+ - 'site/**'
+ pull_request:
+ branches:
+ - master
+ - "new_*"
+ paths-ignore:
+ - "docs/**"
+ - 'site/**'
+ # allow manually run the action:
+ workflow_dispatch:
+
+jobs:
+ code-analyze:
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java', 'go', 'typescript' ]
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+ queries: +security-extended
+
+ - name: Auto Build
+ uses: github/codeql-action/autobuild@v3
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
\ No newline at end of file
diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
deleted file mode 100644
index c38f633..0000000
--- a/.github/workflows/sonar.yml
+++ /dev/null
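Review bot: The new `code-analyze` job in .github/workflows/code-analysis.yml declares no `permissions:`, so GITHUB_TOKEN gets whatever the repository or organisation default grants. With a read-only default the `analyze` step cannot upload its results, and with a permissive default the job holds write scopes it never uses. Declare the scopes on the job, as in the block below. The removed sonar.yml also had a `concurrency` group with `cancel-in-progress: true`; without one, every push to a PR branch starts three more matrix jobs while the superseded ones keep running. The actions are referenced by mutable tags (`@v4`, `@v3`); pinning them to full commit SHAs would make the workflow's inputs reproducible, if the project's policy asks for that.

```yaml
# … unchanged: name and on: triggers …

# Same group the removed sonar.yml used; cancels superseded runs on the same ref.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  code-analyze:
    # Least privilege for GITHUB_TOKEN; analyze needs security-events: write to upload results.
    permissions:
      actions: read
      contents: read
      security-events: write
    # … unchanged: strategy, runs-on, steps …
```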
@@ -1,65 +0,0 @@
-# This workflow will build a Java project with Maven
-# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
-
-name: Sonar
-
-on:
- push:
- branches:
- - master
- - "new_*"
- paths-ignore:
- - "docs/**"
- - 'site/**'
- pull_request:
- branches:
- - master
- - "new_*"
- paths-ignore:
- - "docs/**"
- - 'site/**'
- # allow manually run the action:
- workflow_dispatch:
-
-concurrency:
- group: ${{ github.workflow }}-${{ github.ref }}
- cancel-in-progress: true
-
-env:
- MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3
- MAVEN_ARGS: --batch-mode --no-transfer-progress
- PR_NUMBER: ${{ github.event.number }}
- DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
-
-jobs:
- sonar:
- runs-on: ubuntu-latest
- if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == 'apache/iotdb-extras' || github.event_name == 'push'
- steps:
- - name: Checkout code
- uses: actions/checkout@v4
-
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- distribution: corretto
- java-version: 17
-
- - name: Cache Maven packages
- uses: actions/cache@v4
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
- restore-keys: ${{ runner.os }}-m2-
-
- - name: SonarCloud Report
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
- run: |
- mvn -B -P verify sonar:sonar \
- -Dsonar.organization=apache \
- -Dsonar.projectKey=apache_iotdb_extras \
- -Dsonar.host.url=https://sonarcloud.io \
- -Dsonar.token=${{ secrets.SONARCLOUD_TOKEN }} \
- -DskipTests -pl '!distributions' -am
\ No newline at end of file