Update: only run CodeQL and Integration actions if code changed

2024-12-20 19:06:06 +01:00 · 2024-11-08 11:20:02 -07:00 · 2024-11-08 11:20:02 -07:00 · 1fa67535f9
commit 1fa67535f9
parent 850ed48955
2 changed files with 52 additions and 32 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,11 +1,25 @@
-name: "CodeQL"
+name: 'CodeQL'

 on:
  push:
-    branches: [ 'master' ]
+    branches: ['master']
+    # Only build when files in these directories have been changed
+    paths:
+      - client/**
+      - server/**
+      - test/**
+      - index.js
+      - package.json
  pull_request:
    # The branches below must be a subset of the branches above
-    branches: [ 'master' ]
+    branches: ['master']
+    # Only build when files in these directories have been changed
+    paths:
+      - client/**
+      - server/**
+      - test/**
+      - index.js
+      - package.json
  schedule:
    - cron: '16 5 * * 4'

@ -21,7 +35,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        language: [ 'javascript' ]
+        language: ['javascript']
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Use only 'java' to analyze code written in Java, Kotlin or both
        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
@ -43,7 +57,6 @@ jobs:
          # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality

-
      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
@ -62,4 +75,4 @@ jobs:
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
-        category: "/language:${{matrix.language}}"
+          category: '/language:${{matrix.language}}'
--- a/.github/workflows/integration-test.yml
+++ b/.github/workflows/integration-test.yml
@ -5,6 +5,13 @@ on:
  push:
    branches-ignore:
      - 'dependabot/**' # Don't run dependabot branches, as they are already covered by pull requests
+    # Only build when files in these directories have been changed
+    paths:
+      - client/**
+      - server/**
+      - test/**
+      - index.js
+      - package.json

 jobs:
  build: