Add CodeQL security scan to CI and update image (#913)

* Add instrumented tests and CodeQL scan to CI * Remove instrumented tests, since they make problems * Update ubuntu image to latest instead of fixed outdated 18.xx version
author: Niedermann IT-Dienstleistungen <stefan-niedermann@users.noreply.github.com> 2021-04-27 11:22:17 +0300
committer: GitHub <noreply@github.com> 2021-04-27 11:22:17 +0300
commit: 232c1a753f0787f897af876f27411a81d02bd485 (patch)
tree: 6664ef4ed63e709c04279666a1d26c028d7416ee /.github
parent: 9c3df5ac933cdbaa514786e9f0dd30e647d8db25 (diff)
1 files changed, 17 insertions, 4 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5946bd4d..600d4fbb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -24,8 +24,7 @@ jobs:
 
   test:
     name: Run Unit Tests
-    runs-on: ubuntu-18.04
-
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
       - name: set up JDK 1.8
@@ -35,10 +34,24 @@ jobs:
       - name: Unit tests
         run: bash ./gradlew test --stacktrace
 
+  codeql:
+    name: CodeQL security scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: java
+      - name: Build debug APK
+        run: bash ./gradlew assembleDev
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
+
   apk:
     name: Generate APK
-    runs-on: ubuntu-18.04
-
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
       - name: set up JDK 1.8
author	Niedermann IT-Dienstleistungen <stefan-niedermann@users.noreply.github.com>	2021-04-27 11:22:17 +0300
committer	GitHub <noreply@github.com>	2021-04-27 11:22:17 +0300
commit	232c1a753f0787f897af876f27411a81d02bd485 (patch)
tree	6664ef4ed63e709c04279666a1d26c028d7416ee /.github
parent	9c3df5ac933cdbaa514786e9f0dd30e647d8db25 (diff)