.github: update codeql-analysis.yml

pierre · pierre · commit 24d451dcfdf6 · 2022-02-18T10:03:26.000Z
Signed-off-by: Pierre-Alexandre Meyer &lt;pierre@mouraf.org&gt;
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -1,96 +1,10 @@
-name: "CodeQL"
+name: CodeQL
 
 on:
-  - push
-  - workflow_dispatch
+  push:
+  pull_request:
+  workflow_dispatch:
 
 jobs:
   analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        java-version:
-          - 11
-        java-distribution:
-          - adopt
-        language: ['java']
-    steps:
-    - name: Checkout killbill-client-java
-      uses: actions/checkout@v2
-      with:
-        repository: killbill/killbill-client-java
-        ref: ${{ github.ref }}
-        path: killbill-client-java
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-    - name: Setup Java
-      uses: actions/setup-java@v2
-      with:
-        distribution: ${{ matrix.java-distribution }}
-        java-version: ${{ matrix.java-version }}
-    - name: Configure Sonatype mirror
-      uses: s4u/maven-settings-action@v2.3.0
-      # Go to Sonatype directly to avoid delay syncs (could get rid of this if actions/setup-java were to support mirrors).
-      with:
-        mirrors: '[{"id": "oss-releases", "name": "Sonatype releases", "mirrorOf": "*", "url": "https://oss.sonatype.org/content/repositories/releases/"}]'
-    - name: Check if killbill-oss-parent SNAPSHOT must be fetched
-      id: killbill-oss-parent
-      run: |
-        REMOTE_SHA=$(git ls-remote --heads https://github.com/killbill/killbill-oss-parent.git ${GITHUB_REF##*/})
-        echo "killbill-oss-parent branch=${GITHUB_REF##*/} sha=${REMOTE_SHA}"
-        cd $GITHUB_WORKSPACE/killbill-client-java
-        # Cannot use mvn help:evaluate unfortunately, as the project isn't buildable yet
-        PARENT_POM_VERSION=$(
-           awk '
-            /<dependenc/{exit}
-            /<parent>/{parent++};
-            /<version>/{
-              if (parent == 1) {
-                sub(/.*<version>/, "");
-                sub(/<.*/, "");
-                parent_version = $0;
-              }
-            }
-            /<\/parent>/{parent--};
-            END {
-              print parent_version
-            }' pom.xml
-        )
-        echo "killbill-oss-parent version=${PARENT_POM_VERSION}"
-        if [[ "$PARENT_POM_VERSION" =~ .*"-SNAPSHOT".* ]] && [ ! -z "$REMOTE_SHA" ]; then
-          echo "::set-output name=FETCH_SNAPSHOT::true"
-        else
-          echo "::set-output name=FETCH_SNAPSHOT::false"
-        fi
-    - name: Checkout killbill-oss-parent
-      if: steps.killbill-oss-parent.outputs.FETCH_SNAPSHOT == 'true'
-      uses: actions/checkout@v2
-      with:
-        repository: killbill/killbill-oss-parent
-        ref: ${{ github.ref }}
-        path: killbill-oss-parent
-    - name: Build killbill-oss-parent
-      if: steps.killbill-oss-parent.outputs.FETCH_SNAPSHOT == 'true'
-      run: |
-        cd $GITHUB_WORKSPACE/killbill-oss-parent
-        mvn ${MAVEN_FLAGS} clean install -DskipTests=true
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        source-root: killbill-client-java
-    - name: Build killbill-client-java
-      run: |
-        cd $GITHUB_WORKSPACE/killbill-client-java
-        mvn ${MAVEN_FLAGS} clean install -DskipTests=true
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
-      with:
-        checkout_path: ${{ github.workspace }}/killbill-client-java
+    uses: killbill/gh-actions-shared/.github/workflows/codeql-analysis.yml@main
