Files
starter-workflows/code-scanning/pmd.yml
T
Andreas Dangel d580918e06 Update pmd to v1.2.0
* Use pmd/pmd-github-action@967a81f8b6
   which is v1.2.0
* Remove "cache: maven" setting, which fails if no pom.xml file
   is existing
* Set parameter "analyzeModifiedFilesOnly: false" to prevent incomplete
   analysis results. See also https://github.com/pmd/pmd-github-action/issues/35
2022-02-10 18:10:25 +01:00

37 lines
993 B
YAML

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: pmd
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
jobs:
pmd-code-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v2
with:
java-version: '11'
distribution: 'temurin'
- name: Run PMD
id: pmd
uses: pmd/pmd-github-action@967a81f8b657c87f7c3e96b62301cb1a48efef29
with:
rulesets: 'rulesets/java/quickstart.xml'
sourcePath: 'src/main/java'
analyzeModifiedFilesOnly: false
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: pmd-report.sarif