Commit Graph

18 Commits

Author SHA1 Message Date
Anders Kaseorg bfd68d5e69 ci: Upgrade github/codeql-action.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-07-17 19:37:28 -07:00
Anders Kaseorg 0347e07a96 ci: Upgrade external GitHub actions.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-02-21 17:17:36 -08:00
Varun Sharma 6cdf2853ff
ci: Limit GitHub token permissions for workflows.
This limits the ability for an Action to do mischief with this token.

Fixes #22786.

Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-08-29 17:12:55 -07:00
Anders Kaseorg e8283b37b4 ci: Limit CodeQL analysis with the same branches for push, pull_request.
Silences “Warning: 1 issue was detected with this workflow: Please
make sure that every branch in on.pull_request is also in on.push so
that Code Scanning can compare pull requests against the state of the
base branch.”

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-07 14:51:51 -07:00
Anders Kaseorg acff0879e7 ci: Avoid duplicate GitHub Actions runs for push, pull_request.
We’ve always been running CI on both push events and pull_request
events, which means it runs twice for commits that are pushed to a
pull request.

Filter the push events by branch name.  Add the workflow_dispatch
event in case developers want to manually run CI on some other branch
that isn’t a pull request.

https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-06 17:31:07 -07:00
Anders Kaseorg 27fa91066c ci: Update GitHub Actions dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-05 15:54:46 -07:00
Anders Kaseorg 4a11642cee ci: Replace cancel-previous-runs job with concurrency configuration.
Using ‘github.head_ref || github.run_id’ makes this only cancel
in-progress jobs for pull_request events.

https://docs.github.com/en/actions/using-jobs/using-concurrency

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-05 13:08:06 -07:00
Alex Vandiver acbe7ae7a8 github: Ignore CodeQL analysis in private repos.
CodeQL only runs in public repos; private forks will otherwise error
their CI runs.
2021-09-30 18:07:20 -07:00
Anders Kaseorg a9501772c1 ci: Do not run CodeQL on Dependabot push events.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-04 02:34:21 -07:00
Anders Kaseorg d464b3c805 ci: Run CodeQL on merge commit.
As per https://github.com/github/codeql-action/pull/297.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-03 13:51:18 -07:00
Anders Kaseorg 72d6ff3c3b docs: Fix more capitalization issues.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-23 11:46:55 -07:00
Anders Kaseorg dd48dbd912 docs: Add spaces to “check out”, “log in”, “set up”, “sign up” as verbs.
“Checkout”, “login”, “setup”, and “signup” are nouns, not verbs.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-13 15:47:13 -07:00
Anders Kaseorg 58808c2362 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-24 16:33:45 -07:00
Anders Kaseorg d9860d40a6 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 19:34:37 -07:00
Anders Kaseorg 2794bc1ef4 lint: Reformat YAML files with Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-14 16:25:31 -07:00
Priyank Patel 61955ecf41 github-actions: Don't run code scanning workflow every week.
Since we already run this on every push we don't need to run it as a
cron job every week for no reason. While we are touching this code
block, we convert it to on: [push, pull_request] since the previous
format felt weird. It was only written that way because we had the
cron job declared there.
2020-07-07 17:26:16 -07:00
Priyank Patel 4938d6ab6b minor: Rename codeql workflow names.
This makes it so the GitHub displays the runs as "Code Scanning / CodeQL"
instead of "Code scanning - actions / CodeQL-Build".
2020-07-07 17:26:16 -07:00
Tim Abbott cc8353f8b1 github: Enable new codeql-analysis feature.
This file was generated by GitHub's code analysis tutorial; we were
just approved from their waitlist.

I deleted the part to run compilers as it is not relevant for us.
2020-06-26 16:59:28 -07:00