From 0ccf4774b17d8f30de26695d41ce541444fbacf5 Mon Sep 17 00:00:00 2001
From: Mads Opheim
Date: Thu, 14 Sep 2023 13:40:42 +0200
Subject: [PATCH 1/3] EY-2537: Sett opp codeql
---
.github/actions/setup-backend/action.yaml | 13 +++++
.github/codeql.yml | 66 +++++++++++++++++++++++
2 files changed, 79 insertions(+)
create mode 100644 .github/actions/setup-backend/action.yaml
create mode 100644 .github/codeql.yml
diff --git a/.github/actions/setup-backend/action.yaml b/.github/actions/setup-backend/action.yaml
new file mode 100644
index 00000000..0bfda389
--- /dev/null
+++ b/.github/actions/setup-backend/action.yaml
@@ -0,0 +1,13 @@
+name: Setup backend
+description: Steps for setup of the backend modules
+
+runs:
+ using: composite
+ steps:
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: temurin
+ java-version: 17
+ - name: Setup Gradle
+ uses: gradle/gradle-build-action@v2
\ No newline at end of file
diff --git a/.github/codeql.yml b/.github/codeql.yml
new file mode 100644
index 00000000..3ba0aa14
--- /dev/null
+++ b/.github/codeql.yml
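Review bot: Both steps in `.github/actions/setup-backend/action.yaml` reference their action by a mutable tag (`actions/setup-java@v3`, `gradle/gradle-build-action@v2`), so whoever can move that tag changes the code that runs inside a job holding `security-events: write` and a `GITHUB_TOKEN`. Pin each `uses:` to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: gradle/gradle-build-action@<full-commit-sha>  # v2`, with the SHA taken from the release you have reviewed. The same applies to `actions/checkout@v4` and to `github/codeql-action/init@v2` / `analyze@v2` in `.github/codeql.yml`, and to the two setup steps that PATCH 2/3 moves inline into that workflow.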
@@ -0,0 +1,66 @@
+name: "CodeQL"
+
+on:
+ schedule:
+ # At 05:30 on every day-of-week from Monday through Friday.
+ - cron: "30 5 * * 1-5"
+
+jobs:
+ analyze-java:
+ name: Analyze Java (Kotlin)
+ runs-on:
+ labels: ubuntu-latest-8-cores
+ timeout-minutes: 360
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: java
+ queries: security-and-quality
+
+ - name: Setup backend
+ uses: ./.github/actions/setup-backend
+
+ - name: Assemble
+ run: ./gradlew assemble --no-build-cache --no-configuration-cache
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:java"
+
+ analyze-javascript:
+ name: Analyze Javascript (Typescript)
+ runs-on:
+ labels: ubuntu-latest-8-cores
+ timeout-minutes: 360
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: javascript
+ queries: security-and-quality
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:javascript"
\ No newline at end of file
From 22db10ce02fdd97499f672d6b9ba3c0488618b21 Mon Sep 17 00:00:00 2001
From: Mads Opheim
Date: Thu, 28 Sep 2023 10:10:17 +0200
Subject: [PATCH 2/3] EY-2537: Endringar etter QA
---
.github/actions/setup-backend/action.yaml | 13 -------------
.github/codeql.yml | 12 +++++++++---
2 files changed, 9 insertions(+), 16 deletions(-)
delete mode 100644 .github/actions/setup-backend/action.yaml
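Review bot: The `Assemble` step of `analyze-java` in `.github/codeql.yml` exports `GITHUB_TOKEN` to `./gradlew assemble`, so every build script and plugin Gradle executes can read a token that also carries `security-events: write`. If the token is only there to resolve dependencies from GitHub Packages (an assumption, the Gradle files are not in this patch), the job's `permissions:` block grants no `packages: read`, so add that scope explicitly or drop the `env:` entry if the build does not need it. Independently, `actions/checkout@v4` keeps the token in the workspace's git config unless `persist-credentials: false` is set under `with:`; neither job pushes, so both checkout steps can set it.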
diff --git a/.github/actions/setup-backend/action.yaml b/.github/actions/setup-backend/action.yaml deleted file mode 100644 index 0bfda389..00000000 --- a/.github/actions/setup-backend/action.yaml +++ /dev/null @@ -1,13 +0,0 @@ -name: Setup backend -description: Steps for setup of the backend modules - -runs: - using: composite - steps: - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - distribution: temurin - java-version: 17 - - name: Setup Gradle - uses: gradle/gradle-build-action@v2 \ No newline at end of file diff --git a/.github/codeql.yml b/.github/codeql.yml index 3ba0aa14..e8c3aa79 100644 --- a/.github/codeql.yml +++ b/.github/codeql.yml @@ -9,7 +9,7 @@ jobs: analyze-java: name: Analyze Java (Kotlin) runs-on: - labels: ubuntu-latest-8-cores + labels: ubuntu-latest timeout-minutes: 360 permissions: actions: read @@ -26,8 +26,14 @@ jobs: languages: java queries: security-and-quality - - name: Setup backend - uses: ./.github/actions/setup-backend + - name: Set up JDK + uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: 17 + + - name: Setup Gradle + uses: gradle/gradle-build-action@v2 - name: Assemble run: ./gradlew assemble --no-build-cache --no-configuration-cache From 7c324f0b4e72f5ffcc6f83d165c0e3927b785388 Mon Sep 17 00:00:00 2001 From: Mads Opheim Date: Thu, 28 Sep 2023 10:14:44 +0200 Subject: [PATCH 3/3] EY-2537: Fila var feilplassert --- .github/{ => workflows}/codeql.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{ => workflows}/codeql.yml (100%) diff --git a/.github/codeql.yml b/.github/workflows/codeql.yml similarity index 100% rename from .github/codeql.yml rename to .github/workflows/codeql.yml