build(deps): bump swift 6.0.2 xcode 16.1 #168
name: "Security and Code-Quality scan with CodeQL - Package" | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
schedule: | |
- cron: '39 6 * * 1' | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
analyze: | |
name: CodeQL Scan (${{ matrix.language }}) | |
# Runner size impacts CodeQL analysis time. To learn more, please see: | |
# - https://gh.io/recommended-hardware-resources-for-running-codeql | |
# - https://gh.io/supported-runners-and-hardware-resources | |
# - https://gh.io/using-larger-runners (GitHub.com only) | |
# Consider using larger runners or machines with greater resources for possible analysis time improvements. | |
#runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} | |
#runs-on: [ self-hosted, macos ] | |
runs-on: ['macos-14'] | |
#timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} | |
timeout-minutes: 120 | |
permissions: | |
# required for all workflows | |
security-events: write | |
# required to fetch internal or private CodeQL packs | |
packages: read | |
# only required for workflows in private repositories | |
actions: read | |
contents: read | |
strategy: | |
fail-fast: false | |
matrix: | |
# https://github.com/swiftlang/swift/releases | |
swift: ["6.0.2"] | |
# https://developer.apple.com/documentation/xcode-release-notes | |
xcode: ["16.1"] | |
language: [swift] | |
build-mode: [manual] | |
# To learn more about changing the languages that are analyzed or customizing the build mode for your analysis, | |
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning. | |
# If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how | |
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages | |
steps: | |
# This step initializes the in the matrix specified version of Xcode. | |
- name: Initialize latest xcode | |
uses: maxim-lobanov/[email protected] | |
with: | |
xcode-version: ${{ matrix.xcode }} | |
# This step removes all other versions of Xcode from the machine. | |
- name: Remove old xcode versions | |
run: | | |
echo "Searching for Xcode versions:" | |
find /Applications -name "Xcode_*" -maxdepth 1 -mindepth 1 | |
echo "Removing old Xcode versions..." | |
find /Applications -name "Xcode_*" -maxdepth 1 -mindepth 1 | grep -v ${{ matrix.xcode }} | xargs rm -rf | |
echo "Available Xcode versions after removal:" | |
find /Applications -name "Xcode_*" -maxdepth 1 -mindepth 1 | |
# Initialize Swift in the matrix specified version. | |
- name: Initialize Swift | |
if: matrix.swift != '6.0.2' | |
uses: swift-actions/[email protected] | |
with: | |
swift-version: ${{ matrix.swift }} | |
# Get the Swift version. | |
- name: Get swift version | |
run: swift --version | |
# Checkout the repository. | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Initialize CodeQL. | |
- name: Initialize CodeQL | |
uses: github/codeql-action/[email protected] | |
with: | |
languages: ${{ matrix.language }} | |
build-mode: ${{ matrix.build-mode }} | |
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs | |
# queries: security-extended,security-and-quality | |
queries: security-and-quality | |
# ℹ️ Command-line programs to run using the OS shell. | |
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun | |
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). | |
# If this step fails, then you should remove it and run the build manually (see below) | |
#- name: Autobuild | |
# uses: github/codeql-action/[email protected] | |
# Check disk space. | |
- name: Check Disk Space | |
run: | | |
sleep 10 | |
df -h | |
# Manual build with the release configuration. | |
- name: Manual build | |
run: swift build --build-tests --configuration debug -v | |
# Perform CodeQL analysis after the build has completed successfully or failed. | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/[email protected] | |
if: success() || failure() | |
with: | |
category: "/language:${{matrix.language}}" |
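Review bot: In the "Remove old xcode versions" step, `${{ matrix.xcode }}` is expanded into the script text before the shell runs and is then used unquoted as a grep pattern feeding `xargs rm -rf`, so what gets deleted depends on how `16.1` matches as a regex (the `.` matches any character) rather than on a literal version string. Passing the value through the step's `env:` as `XCODE_VERSION: ${{ matrix.xcode }}` and filtering with `grep -vF -- "$XCODE_VERSION"` keeps it a quoted, literal argument; the matrix value is static here, so this is hardening rather than a live injection path. The `if: matrix.swift != '6.0.2'` guard on "Initialize Swift" repeats the matrix version by hand and has to be edited on every bump, so it deserves a comment explaining why 6.0.2 skips the swift-actions step. The comment "Manual build with the release configuration" contradicts the command below it, which passes `--configuration debug`. The page does not show which of these lines the commit itself changed.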