Reduce Maven console output for CodeQL analysis; cache Maven repo (#2105)

This commit is contained in:
Marcono1234 2022-04-18 15:52:53 +02:00 committed by GitHub
parent 4dda4ec5ba
commit feaf8ddc05
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -35,12 +35,20 @@ jobs:
# Run all security queries and maintainability and reliability queries
queries: +security-and-quality
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Only compile main sources, but ignore test sources because findings for them might not
# be that relevant (though GitHub security view also allows filtering by source type)
# Can replace this with github/codeql-action/autobuild action to run complete build
- name: Compile sources
run: |
mvn compile
mvn compile --batch-mode
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1