From 99d4dfc69809b9130f79a450db77fa989123ba55 Mon Sep 17 00:00:00 2001 From: Daniel Farrell Date: Mon, 26 Sep 2022 16:49:35 -0400 Subject: [PATCH] ABC-order variant analysis linting config This job was called vulnerability variant analysis during most of development. It should have been reordered when the name was shortened. https://codeql.github.com/docs/codeql-overview/about-codeql/ Relates-to: submariner-io/submariner#1970 Signed-off-by: Daniel Farrell --- .github/workflows/linting.yml | 36 +++++++++++++++---------------- .github/workflows/report.yml | 40 +++++++++++++++++------------------ 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 3c7675a72..d5e147984 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -125,6 +125,24 @@ jobs: - name: Run shellcheck run: make shellcheck + variant-analysis: + name: Variant Analysis + runs-on: ubuntu-latest + steps: + - name: Check out the repository + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - name: Initialize CodeQL + uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 + with: + languages: go + - name: Build code, creating CodeQL database + run: make build + - name: Run CodeQL variant analysis + uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 + - name: Show CodeQL scan SARIF report + if: always() + run: cat ../results/go.sarif + vulnerability-scan: name: Vulnerability Scanning runs-on: ubuntu-latest @@ -147,24 +165,6 @@ jobs: with: sarif_file: ${{ steps.scan.outputs.sarif }} - variant-analysis: - name: Variant Analysis - runs-on: ubuntu-latest - steps: - - name: Check out the repository - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - name: Initialize CodeQL - uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 - with: - languages: go - - name: Build code, creating CodeQL database - run: make build - - name: Run CodeQL variant analysis - uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 - - name: Show CodeQL scan SARIF report - if: always() - run: cat ../results/go.sarif - yaml-lint: name: YAML runs-on: ubuntu-latest diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml index 3cd0fb93c..c710072da 100644 --- a/.github/workflows/report.yml +++ b/.github/workflows/report.yml @@ -10,6 +10,26 @@ on: permissions: {} jobs: + variant-analysis: + name: Variant Analysis + runs-on: ubuntu-latest + permissions: + security-events: write + steps: + - name: Check out the repository + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - name: Initialize CodeQL + uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 + with: + languages: go + - name: Build code, creating CodeQL database + run: make build + - name: Run CodeQL variant analysis + uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 + - name: Show CodeQL scan SARIF report + if: always() + run: cat ../results/go.sarif + vulnerability-scan: name: Vulnerability Scanning if: github.repository_owner == 'submariner-io' @@ -31,23 +51,3 @@ jobs: uses: github/codeql-action/upload-sarif@86f3159a697a097a813ad9bfa0002412d97690a4 with: sarif_file: ${{ steps.scan.outputs.sarif }} - - variant-analysis: - name: Variant Analysis - runs-on: ubuntu-latest - permissions: - security-events: write - steps: - - name: Check out the repository - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - - name: Initialize CodeQL - uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 - with: - languages: go - - name: Build code, creating CodeQL database - run: make build - - name: Run CodeQL variant analysis - uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 - - name: Show CodeQL scan SARIF report - if: always() - run: cat ../results/go.sarif