From 65fbf28ea5c953ae76d92fa65b125f7e028c30fc Mon Sep 17 00:00:00 2001
From: Silvestre Zabala <silvestre.zabala@sap.com>
Date: Mon, 9 Oct 2023 13:46:45 +0200
Subject: [PATCH] Fix CodeQL scanning

- Opt-out of `.tool-version` update by renovate
- `make build-all` is required to build all binaries nowadays.
- Also we can remove `javascript` scanning with the removal of the Node.js test app.
---
 .github/workflows/codeql-analysis.yml | 7 +++++--
 Makefile                              | 2 ++
 renovate.json                         | 6 ++++++
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 59c1fc7388..148cb2abe7 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,13 +39,16 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go', 'java', 'javascript', 'ruby' ]
+        language: [ 'go', 'java', 'ruby' ]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
     steps:
     - name: Checkout repository
       uses: actions/checkout@v4
 
+    - name: Trust my checkout
+      run: git config --global --add safe.directory "${GITHUB_WORKSPACE}"
+
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v2
@@ -58,7 +61,7 @@ jobs:
 
     - name: Build
       run: |
-        make build
+        make build-all
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v2
diff --git a/Makefile b/Makefile
index c102a5c0dc..8d09e1e40e 100644
--- a/Makefile
+++ b/Makefile
@@ -40,6 +40,8 @@ export GOWORK = off
 $(shell mkdir -p target)
 $(shell mkdir -p build)
 
+.DEFAULT_GOAL := build-all
+
 list-modules:
 	@echo ${go_modules}
 
diff --git a/renovate.json b/renovate.json
index f195035027..ca884d0713 100644
--- a/renovate.json
+++ b/renovate.json
@@ -18,6 +18,12 @@
       "matchDepTypes": ["golang"],
       "enabled": false
     },
+    {
+      "description": "Disable asdf Go version updates, as they are taken care by our bosh-package-golang-release-based automation",
+      "matchManagers": ["asdf"],
+      "matchDepTypes": ["golang"],
+      "enabled": false
+    },
     {
       "description": "Strip of v prefix from version number in certain github releases",
       "packageNames": ["bosh-cli"],