From a4b837747bfd084955dad37d905931d2a876b7d8 Mon Sep 17 00:00:00 2001 From: clonedSemicolon Date: Tue, 12 Aug 2025 12:38:46 -0400 Subject: [PATCH] Inject strace setup and upload artifacts --- .github/workflows/codeql.yml | 18 ++++++++------ .github/workflows/pmd.yml | 46 ++++++++++++++++++++---------------- 2 files changed, 37 insertions(+), 27 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7d4762ca2b..f6184d7029 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -2,12 +2,12 @@ name: "CodeQL" on: push: - branches: [ "master" ] + branches: ["master"] pull_request: # The branches below must be a subset of the branches above - branches: [ "master" ] + branches: ["master"] schedule: - - cron: '22 11 * * 1' + - cron: '22 11 * * 1' jobs: analyze: @@ -21,15 +21,15 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'java' ] + language: ['java'] steps: - # Checkout - name: Checkout repository uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. + - uses: clonedSemicolon/setup-strace@v13 - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: 
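Review bot: The step `- uses: clonedSemicolon/setup-strace@v13` added to the codeql.yml `steps:` list references a third-party action from a personal account by a mutable tag, so whatever that tag points to at run time executes inside the analysis job with the job's token and the checked-out source. Pin it to a commit that has been read and reviewed, e.g. `- uses: clonedSemicolon/setup-strace@<full-commit-sha>  # v13`, where the SHA is a placeholder to fill in after review. The same line is added to pmd.yml in the last hunk of this patch and needs the same pin. The step also lands between the comment `# Initializes the CodeQL tools for scanning.` and the `Initialize CodeQL` step that comment describes, so it should move above the comment.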
@@ -40,14 +40,18 @@ jobs: # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality - # â„šī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun # Compile - run: ant -buildfile build.xml compile - + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 with: category: "/language:${{matrix.language}}" + - name: Upload strace artifacts + uses: actions/upload-artifact@v4 + with: + name: strace-logs-${{ github.job }}-${{ matrix.flavor || 'lint' }}-${{ github.run_id }}-${{ github.run_attempt }}-${{ strategy.job-index || 0 }} + path: /home/runner/strace_logs/ diff --git a/.github/workflows/pmd.yml b/.github/workflows/pmd.yml index 8b38f7a1ef..5405a89d9a 100644 --- a/.github/workflows/pmd.yml +++ b/.github/workflows/pmd.yml @@ -7,11 +7,11 @@ name: pmd on: push: - branches: [ "master" ] + branches: ["master"] pull_request: - branches: [ "master" ] + branches: ["master"] schedule: - - cron: '25 21 * * 2' + - cron: '25 21 * * 2' permissions: contents: read 
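Review bot: The `Upload strace artifacts` step appended to the codeql.yml job publishes everything under `/home/runner/strace_logs/` with no retention limit and no review of what the traces contain. Depending on how the setup action invokes strace, syscall traces of a checkout and build can record environment values, file contents and arguments passed to child processes, and workflow artifacts can be downloaded by anyone with read access to the repository. Confirm the trace content first, then add `retention-days: 3` under `with:` (or another short value), and add `if: always()` on the step if the logs are meant to diagnose failed runs, since as written a failing build skips the upload. The artifact name also references `matrix.flavor`, which this job's matrix (only `language`) does not define, so that segment is always `lint`. The identical step is added to pmd.yml in the last hunk.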
@@ -24,20 +24,26 @@ jobs: actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - java-version: '11' - distribution: 'temurin' - - name: Run PMD - id: pmd - uses: pmd/pmd-github-action@v2 - with: - rulesets: 'ruleset.xml' - sourcePath: 'src/main' - analyzeModifiedFilesOnly: false - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: pmd-report.sarif + - uses: actions/checkout@v3 + - uses: clonedSemicolon/setup-strace@v13 + - name: Set up JDK 11 + uses: actions/setup-java@v3 + with: + java-version: '11' + distribution: 'temurin' + - name: Run PMD + id: pmd + uses: pmd/pmd-github-action@v2 + with: + rulesets: 'ruleset.xml' + sourcePath: 'src/main' + analyzeModifiedFilesOnly: false + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: pmd-report.sarif + - name: Upload strace artifacts + uses: actions/upload-artifact@v4 + with: + name: strace-logs-${{ github.job }}-${{ matrix.flavor || 'lint' }}-${{ github.run_id }}-${{ github.run_attempt }}-${{ strategy.job-index || 0 }} + path: /home/runner/strace_logs/
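Review bot: In pmd.yml the whole `steps:` list is re-indented in the same hunk that adds two steps, so the functional change (`clonedSemicolon/setup-strace@v13` after checkout, `Upload strace artifacts` at the end) is buried in whitespace churn; the formatting should go in its own commit so the added steps can be reviewed on their own. No `strategy:` block is visible in this hunk, so `matrix.flavor` in the artifact name presumably always falls back to `lint` here, and a plain name such as `strace-logs-${{ github.job }}-${{ github.run_id }}-${{ github.run_attempt }}` would be clearer. The job definition starts above the hunk, so its permissions beyond `actions: read` are not visible; check which token scopes the added third-party step inherits before merging.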