diff --git a/.github/workflows/gradle.yml b/.github/workflows/build.yml
similarity index 71%
rename from .github/workflows/gradle.yml
rename to .github/workflows/build.yml
index b01e81d..21f4645 100644
--- a/.github/workflows/gradle.yml
+++ b/.github/workflows/build.yml
@@ -1,4 +1,4 @@
-name: Gradle Build
+name: Build
 on:
 push:
@@ -11,6 +11,7 @@ permissions:
 jobs:
 build:
+ name: Gradle build
 runs-on: ubuntu-latest
 steps:
@@ -24,7 +25,7 @@ jobs:
 java-version: "17"
 - name: Setup Gradle
- uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
+ uses: gradle/actions/setup-gradle@v4
 - name: Make Gradle wrapper executable
 run: chmod +x ./gradlew
@@ -33,14 +34,14 @@ jobs:
 run: ./gradlew build --no-daemon --stacktrace
 dependency-submission:
- needs: build
+ name: Dependency submission
 runs-on: ubuntu-latest
-
 permissions:
 contents: write
 steps:
- - uses: actions/checkout@v4
+ - name: Checkout
+ uses: actions/checkout@v4
 - name: Set up JDK 17
 uses: actions/setup-java@v4
@@ -49,7 +50,10 @@ jobs:
 java-version: "17"
 - name: Setup Gradle
- uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
+ uses: gradle/actions/setup-gradle@v4
+
+ - name: Make Gradle wrapper executable
+ run: chmod +x ./gradlew
 - name: Generate and submit dependency graph
- uses: gradle/actions/dependency-submission@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
+ uses: gradle/actions/dependency-submission@v4
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..e869255
--- /dev/null
+++ b/.github/workflows/codeql.yml
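Review bot: The `Setup Gradle` step in the `@@ -24,7 +25,7 @@` hunk of build.yml swaps a full commit-SHA pin for the mutable tag `gradle/actions/setup-gradle@v4`, so a retagged or compromised upstream release would run in this job without any change in this repository. The same unpinning recurs in the `@@ -49,7 +50,10 @@` hunk, where `gradle/actions/dependency-submission@v4` runs in the job that holds `contents: write`, and the new codeql.yml references every action by tag as well. Keep the SHA form, `uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0`, and let the `github-actions` Dependabot entry added in this commit propose the bumps, since it can update SHA pins together with the trailing version comment. The `steps:` list starts and ends outside this hunk.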
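Review bot: The renamed `Checkout` step in `dependency-submission` (build.yml, `@@ -33,14 +34,14 @@`) keeps the checkout defaults, which leave the job token in the workspace git config, and this is the one job granted `contents: write`. Adding `with: { persist-credentials: false }` under `uses: actions/checkout@v4` keeps that token out of reach of the Gradle build scripts the later steps execute; the submission step appears to take its token as an action input rather than from git, but confirm that on a test run. Removing `needs: build` also means this write-scoped job now starts alongside `build` instead of only after it passes, so if the old ordering was meant as a gate, keep the `needs` line. The job's remaining steps continue in the next hunk.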
@@ -0,0 +1,48 @@
+name: CodeQL
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+
+permissions:
+ contents: read
+ security-events: write
+
+jobs:
+ analyze:
+ name: Analyze (CodeQL)
+ runs-on: ubuntu-latest
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ "java-kotlin" ]
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ distribution: temurin
+ java-version: "17"
+
+ - name: Setup Gradle
+ uses: gradle/actions/setup-gradle@v4
+
+ - name: Make Gradle wrapper executable
+ run: chmod +x ./gradlew
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Build for CodeQL
+ run: ./gradlew classes --no-daemon --stacktrace
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 0000000..b73fb1d
--- /dev/null
+++ b/.github/workflows/dependabot.yml
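Review bot: The traced build step `run: ./gradlew classes --no-daemon --stacktrace` in codeql.yml does not switch off Gradle's build cache, while the earlier `Setup Gradle` step restores the Gradle User Home between runs. If the project enables build caching (not visible in this diff), compile tasks served from cache never execute, and CodeQL would have nothing to extract for those modules. Consider `run: ./gradlew classes --no-daemon --no-build-cache --stacktrace` so that every analysis observes a real compilation. Separately, the `on:` block has only `push` and `pull_request` on `main`; without a `schedule:` trigger, code that nobody touches is never re-analysed when the query packs are updated.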
@@ -0,0 +1,60 @@
+version: 2
+
+updates:
+ - package-ecosystem: "gradle"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ day: "monday"
+ time: "06:00"
+ timezone: "Europe/Lisbon"
+ open-pull-requests-limit: 5
+ labels:
+ - "dependencies"
+ commit-message:
+ prefix: "Build"
+ include: "scope"
+ groups:
+ kotlin:
+ patterns:
+ - "org.jetbrains.kotlin*"
+ - "org.jetbrains.kotlinx*"
+ libgdx:
+ patterns:
+ - "com.badlogicgames.gdx*"
+ - "io.github.libktx*"
+ testing:
+ patterns:
+ - "org.junit*"
+ - "org.assertj*"
+ - "io.mockk*"
+ - "org.mockito*"
+ logging:
+ patterns:
+ - "org.slf4j*"
+ - "ch.qos.logback*"
+ - "net.logstash.logback*"
+ tooling:
+ patterns:
+ - "org.jlleitschuh.gradle.ktlint*"
+ - "org.gradle.toolchains*"
+ - "com.github.ajalt.mordant*"
+ ignore:
+ - dependency-name: "*"
+ update-types:
+ - "version-update:semver-major"
+
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ day: "monday"
+ time: "06:30"
+ timezone: "Europe/Lisbon"
+ open-pull-requests-limit: 3
+ labels:
+ - "dependencies"
+ - "ci"
+ commit-message:
+ prefix: "CI"
+ include: "scope"
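Review bot: This configuration is added as `.github/workflows/dependabot.yml`, but Dependabot reads its configuration from `.github/dependabot.yml`. Under `workflows/`, GitHub will instead try to load the file as an Actions workflow and report it as invalid, because it has no `on:` or `jobs:` keys. As committed, neither the `gradle` nor the `github-actions` update entry would take effect, which matters more now that the same commit moves the workflows to floating `@v4`/`@v3` action tags. Move the file to `.github/dependabot.yml` unchanged. Once it is active, the `ignore` rule for `version-update:semver-major` on `"*"` will suppress every major version-update PR for Gradle dependencies, so major upgrades would need to be tracked by hand.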