From d5683fb8b7518886fb471843e9fe64f166aa499a Mon Sep 17 00:00:00 2001 From: Joshua Rich Date: Mon, 30 Sep 2024 14:52:29 +1000 Subject: [PATCH] ci(github): :truck: split nilaway and codeql workflows --- .../{analysis.yml => analysis-codeql.yml} | 21 +-------------- .github/workflows/analysis-nilaway.yml | 27 +++++++++++++++++++ 2 files changed, 28 insertions(+), 20 deletions(-) rename .github/workflows/{analysis.yml => analysis-codeql.yml} (78%) create mode 100644 .github/workflows/analysis-nilaway.yml diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis-codeql.yml similarity index 78% rename from .github/workflows/analysis.yml rename to .github/workflows/analysis-codeql.yml index ee9d397b8..350ed817c 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis-codeql.yml @@ -1,4 +1,4 @@ -name: "Analysis" +name: "CodeQL Analysis" on: push: @@ -78,22 +78,3 @@ jobs: uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 with: category: "/language:${{matrix.language}}" - - nilaway: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v1 - with: - disable-sudo: true - egress-policy: block - allowed-endpoints: > - github.com:443 - - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - with: - fetch-depth: 0 - - name: Nil panic checks - uses: qbaware/nilaway-action@8e71d29f098051670655958e754d21ebb7197416 # v0.0.9 - with: - package-to-scan: ./... diff --git a/.github/workflows/analysis-nilaway.yml b/.github/workflows/analysis-nilaway.yml new file mode 100644 index 000000000..5c80027d3 --- /dev/null +++ b/.github/workflows/analysis-nilaway.yml @@ -0,0 +1,27 @@ +name: "Nilaway Analysis" + +on: + push: + branches: ["main"] + pull_request: + branches: ["main"] + +jobs: + nilaway: + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v1 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + github.com:443 + - name: Checkout repository + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + with: + fetch-depth: 0 + - name: Nil panic checks + uses: qbaware/nilaway-action@8e71d29f098051670655958e754d21ebb7197416 # v0.0.9 + with: + package-to-scan: ./...