This is an automated email from the ASF dual-hosted git repository.
merlimat pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new bf709ee14e5 [fix][ci] Fix CodeQL job which is currently broken (#25966)
bf709ee14e5 is described below
commit bf709ee14e59b6900e9b2101e944e5e25ab79c81
Author: Lari Hotari <[email protected]>
AuthorDate: Mon Jun 8 18:11:45 2026 +0300
[fix][ci] Fix CodeQL job which is currently broken (#25966)
---
.github/workflows/codeql.yaml | 30 ++++++++++++++++++++++++++----
.github/workflows/pulsar-ci.yaml | 28 ++++++++++++++++++++++++----
2 files changed, 50 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
index 5448dc703e0..ccaa8d1c875 100644
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@@ -30,6 +30,9 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
cancel-in-progress: true
+env:
+ JDK_DISTRIBUTION: corretto
+
jobs:
analyze:
# only run on push and schedule in apache/pulsar repo
@@ -49,14 +52,33 @@ jobs:
language: [ 'java-kotlin' ]
steps:
+ - name: Set up JDK
+ uses: actions/setup-java@v5
+ with:
+ distribution: ${{ env.JDK_DISTRIBUTION }}
+ java-version: 21
+
- name: Checkout repository
uses: actions/checkout@v6
+ - name: Setup Gradle
+ uses: ./.github/actions/setup-gradle
+ with:
+ develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+ cache-read-only: true
+
+ - name: Configure Gradle for CodeQL
+ run: |
+ cat >> gradle.properties <<'EOF'
+
+ org.gradle.configuration-cache=false
+ org.gradle.configureondemand=false
+ org.gradle.parallel=false
+ org.gradle.caching=false
+ org.gradle.daemon=false
+ EOF
+
# Initializes the CodeQL tools for scanning.
- # Use build-mode: none so CodeQL extracts the source directly instead of
- # tracing a Gradle build. A traced build fails intermittently because the
- # Gradle build cache restores compileJava/compileKotlin FROM-CACHE, so no
- # compiler runs and CodeQL sees no source ("could not process any of
it").
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
diff --git a/.github/workflows/pulsar-ci.yaml b/.github/workflows/pulsar-ci.yaml
index c1912f8e691..16a4e0c1951 100644
--- a/.github/workflows/pulsar-ci.yaml
+++ b/.github/workflows/pulsar-ci.yaml
@@ -836,6 +836,7 @@ jobs:
contents: read
security-events: write
env:
+ CI_JDK_MAJOR_VERSION: ${{ needs.preconditions.outputs.jdk_major_version
}}
CODEQL_LANGUAGE: java-kotlin
steps:
- name: checkout
@@ -852,10 +853,29 @@ jobs:
with:
limit-access-to-actor: true
- # Use build-mode: none so CodeQL extracts the source directly instead of
- # tracing a Gradle build. A traced build fails intermittently because the
- # Gradle build cache restores compileJava/compileKotlin FROM-CACHE, so no
- # compiler runs and CodeQL sees no source ("could not process any of
it").
+ - name: Set up JDK ${{ env.CI_JDK_MAJOR_VERSION }}
+ uses: actions/setup-java@v5
+ with:
+ distribution: ${{ env.JDK_DISTRIBUTION }}
+ java-version: ${{ env.CI_JDK_MAJOR_VERSION }}
+
+ - name: Setup Gradle
+ uses: ./.github/actions/setup-gradle
+ with:
+ develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+ cache-read-only: true
+
+ - name: Configure Gradle for CodeQL
+ run: |
+ cat >> gradle.properties <<'EOF'
+
+ org.gradle.configuration-cache=false
+ org.gradle.configureondemand=false
+ org.gradle.parallel=false
+ org.gradle.caching=false
+ org.gradle.daemon=false
+ EOF
+
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
