diff --git a/.github/workflows/shared-codeql.yml b/.github/workflows/shared-codeql.yml
index fa9d898..6878c1f 100644
--- a/.github/workflows/shared-codeql.yml
+++ b/.github/workflows/shared-codeql.yml
@@ -10,6 +10,16 @@ on:
 description: 'Languages to analyze (JSON array, e.g., ["actions"]). See supported languages at https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks'
 required: true
 type: string
+ java_build_command:
+ description: "Optional build command for Java projects. Leave empty if not needed, build-mode: none is used."
+ required: false
+ type: string
+ default: ""
+ java_version:
+ description: "Optional Java version to set up (e.g. '21'). If not given, uses runner default."
+ required: false
+ type: string
+ default: ""

 jobs:
 analyze:
@@ -30,12 +40,24 @@ jobs:
 language: ${{ fromJSON(inputs.languages) }}
 steps:
 - name: Checkout
- uses: actions/checkout@v5
+ uses: actions/checkout@v6
+
+ - name: Set up Java
+ if: matrix.language == 'java-kotlin' && inputs.java_version != ''
+ uses: actions/setup-java@v5
+ with:
+ distribution: "temurin"
+ java-version: ${{ inputs.java_version }}

 - name: Initialize CodeQL
 uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
+ build-mode: ${{ (matrix.language == 'java-kotlin' && inputs.java_build_command != '') && 'manual' || 'none' }}
+
+ - name: Build Java project
+ if: matrix.language == 'java-kotlin' && inputs.java_build_command != ''
+ run: ${{ inputs.java_build_command }}

 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/shared-dependency-scan.yml b/.github/workflows/shared-dependency-scan.yml
index 7eebf33..4b36cce 100644
--- a/.github/workflows/shared-dependency-scan.yml
+++ b/.github/workflows/shared-dependency-scan.yml
@@ -11,7 +11,7 @@ jobs:
 runs-on: ubuntu-24.04
 steps:
 - name: Checkout
- uses: actions/checkout@v5
+ uses: actions/checkout@v6

 - name: Dependency Review
 uses: actions/dependency-review-action@v4
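Review bot: The `java_build_command` description does not tell callers that the value is executed verbatim as a shell step in the analyze job, which is what they most need to know before wiring an expression into it. I would word it as `description: "Optional shell command that builds the Java project; it is run as-is in the analyze job, so pass a fixed string only. If empty, build-mode none is used."`. The `on:` block these inputs belong to starts outside the hunk, so the trigger type is inferred from the `inputs.*` references rather than visible here.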
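Review bot: The new `Build Java project` step splices `${{ inputs.java_build_command }}` directly into the script text, so whatever a caller passes is expanded before the shell parses it and runs with everything this job can reach. Since executing the input is the intent, I would narrow that reach: add `with: persist-credentials: false` to the Checkout step, and hand the command over as `env: JAVA_BUILD_COMMAND: ${{ inputs.java_build_command }}` with `run: bash -c "$JAVA_BUILD_COMMAND"`. Separately, the `build-mode` expression now sets `none` for every matrix language where the old side left the action's default in place; for compiled languages that do not support `none` this may fail the init step or reduce analysis coverage, so setting `build-mode` only when `matrix.language == 'java-kotlin'` looks safer. The job's `permissions` and the rest of the `analyze` step lie outside the hunk, so the token scope available to the build command could not be checked.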