Update check_properties.yml

Update swagger.yml
Update build.yml
2024-12-21 01:02:25 +00:00 · 2024-12-21 01:00:46 +00:00 · 2024-12-21 01:00:37 +00:00 · 2024-12-21 00:58:18 +00:00 · 2024-12-21 00:50:12 +00:00 · 2024-12-21 00:49:06 +00:00
5 changed files with 58 additions and 3 deletions
--- a/.github/workflows/PR-Demo-Comment.yml
+++ b/.github/workflows/PR-Demo-Comment.yml
@@ -3,7 +3,9 @@ name: PR Deployment via Comment
 on:
  issue_comment:
    types: [created]
-
+permissions:
+  pull-requests: write
+  contents: write 
 jobs:
  check-comment:
    runs-on: ubuntu-latest
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -54,7 +54,8 @@ jobs:
    #     )

    runs-on: ubuntu-latest
-
+    permissions:
+      contents: read 
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
--- a/.github/workflows/check_properties.yml
+++ b/.github/workflows/check_properties.yml
@@ -14,6 +14,9 @@ jobs:
  check-files:
    if: github.event_name == 'pull_request_target'
    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write 
    steps:
      - name: Checkout main branch first
        uses: actions/checkout@v4
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,48 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '30 1 * * 0'  # Runs at 01:30 UTC every Sunday
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    timeout-minutes: 360
+    permissions:
+      actions: read
+      contents: read
+      security-events: false
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'java' ]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-extended,security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"
--- a/.github/workflows/swagger.yml
+++ b/.github/workflows/swagger.yml
@@ -5,7 +5,8 @@ on:
  push:
    branches:
      - master
-
+permissions:
+  contents: read 
 jobs:
  push:
    runs-on: ubuntu-latest
Author	SHA1	Message	Date
Anthony Stirling	768cb20e75	Update check_properties.yml	2024-12-21 01:02:25 +00:00
Anthony Stirling	339bbbf4b1	Update swagger.yml	2024-12-21 01:00:46 +00:00
Anthony Stirling	475036d12e	Update build.yml	2024-12-21 01:00:37 +00:00
Anthony Stirling	b1fa2246a1	Create codeql.yml	2024-12-21 00:58:18 +00:00
Anthony Stirling	abaab580be	Update PR-Demo-Comment.yml	2024-12-21 00:50:12 +00:00
Anthony Stirling	1d700ae062	Update PR-Demo-Comment.yml	2024-12-21 00:49:06 +00:00