diff --git a/.github/actions/codeql-and-dependency-checks/action.yml b/.github/actions/codeql-and-dependency-checks/action.yml
new file mode 100644
index 00000000..91c4d82f
--- /dev/null
+++ b/.github/actions/codeql-and-dependency-checks/action.yml
@@ -0,0 +1,20 @@
+name: Run CodeQL and dependency review
+description: Runs CodeQL checks as well as dependency checks for issues.
+
+runs:
+  using: composite
+
+  steps:
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: csharp, javascript
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+
+    - name: 'Dependency Review'
+      uses: actions/dependency-review-action@v4
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..00e8b757
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,23 @@
+version: 2
+updates:
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: 'daily'
+    labels:
+      - github-actions
+
+  - package-ecosystem: docker
+    directory: /
+    schedule:
+      interval: 'weekly'
+    labels:
+      - docker
+
+  - package-ecosystem: nuget
+    directory: /
+    schedule:
+      interval: 'daily'
+    labels:
+      - nuget
\ No newline at end of file
diff --git a/.github/workflows/code-pr-check.yml b/.github/workflows/code-pr-check.yml
index dcfa6006..d52f7a48 100644
--- a/.github/workflows/code-pr-check.yml
+++ b/.github/workflows/code-pr-check.yml
@@ -24,7 +24,7 @@ env:
 
 jobs:
   build-app:
-    name: Build and run unit tests
+    name: Build, check and run tests
     runs-on: ubuntu-22.04
 
     steps:
@@ -36,6 +36,9 @@ jobs:
       with:
         dotnet_version: ${{ env.DOTNET_VERSION }}
         solution_filename: ${{ env.SOLUTION_NAME }}
+
+      - name: Run CodeQL and dependency checks
+        uses: ./.github/actions/codeql-and-dependency-checks
 
       - name: Run unit tests
         uses: ./.github/actions/run-unit-tests
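Review bot: The four third-party actions in this composite action are pinned only by mutable major tag (`github/codeql-action/init@v3`, `autobuild@v3`, `analyze@v3`, `actions/dependency-review-action@v4`), so a compromised or force-moved tag would run arbitrary code with this job's token; pin each `uses:` to a full commit SHA with the version in a trailing comment, e.g. `uses: github/codeql-action/init@<commit-sha> # v3`, which the `github-actions` Dependabot entry added in the same commit will keep current. `actions/dependency-review-action` only evaluates the base..head range of a `pull_request` event and errors on other triggers, so a comment on the last step stating that the calling workflow must run on pull requests would document that constraint; the workflow name `code-pr-check.yml` suggests this is the case but its `on:` block is outside the diff. Minor style point: `'Dependency Review'` is the only quoted step name in the file; `name: Dependency Review` matches the others.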
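Review bot: The new `dependabot.yml` ends without a trailing newline (the `\ No newline at end of file` marker), which some YAML linters flag and which produces noisy diffs on the next edit; add the final newline after `- nuget`. The `labels:` entries (`github-actions`, `docker`, `nuget`) presumably need to exist in the repository for Dependabot to apply them — worth confirming, since an undefined label is silently dropped rather than reported. The `docker` entry at `directory: /` assumes a Dockerfile at the repository root, which the diff does not show.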
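Review bot: The new `Run CodeQL and dependency checks` step needs permissions the hunk does not grant: `github/codeql-action/analyze` uploads SARIF and requires `security-events: write` on the job or workflow, and a composite action cannot declare permissions itself, so the calling job must; the `build-app` job header is outside this hunk, so add `permissions:` with `security-events: write` and `contents: read` there unless it is already present. Ordering is also worth a look: the step runs after the existing build step, but CodeQL only traces compilation that happens after `init`, so the composite action's `autobuild` rebuilds the solution a second time; moving this step ahead of the build, or dropping the duplicate build, avoids the extra work. The `jobs:` hunk above only renames the job and needs no change.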