1+ name : Analyze Code Graph
2+
3+ on :
4+ workflow_call :
5+ inputs :
6+ analysis-name :
7+ description : " The name of the project to analyze. E.g. MyProject-1.0.0"
8+ required : true
9+ type : string
10+ artifacts-upload-name :
11+ description : " The name of the artifacts uploaded with 'actions/upload-artifact' containing the content of the 'artifacts' directory for the analysis."
12+ required : false
13+ type : string
14+ default : ' '
15+ sources-upload-name :
16+ description : " The name of the sources uploaded with 'actions/upload-artifact' containing the content of the 'source' directory for the analysis."
17+ required : false
18+ type : string
19+ default : ' '
20+ analysis-arguments :
21+ description : " The arguments to pass to the analysis script (default='--profile Neo4jv5-low-memory')."
22+ required : false
23+ type : string
24+ default : ' --profile Neo4jv5-low-memory'
25+ typescript-scan-heap-memory :
26+ description : " The heap memory in MB to use for the TypeScript scan (default=4096)"
27+ required : false
28+ type : string
29+ default : ' 4096'
30+ outputs :
31+ uploaded-analysis-results :
32+ description : " The name of the artifact uploaded with 'actions/upload-artifact' containing the analysis results."
33+ value : ${{ jobs.analyze-code-graph.outputs.uploaded-analysis-results-artifact-name }}
34+
35+ jobs :
36+ analyze-code-graph :
37+ runs-on : ubuntu-latest
38+ outputs :
39+ uploaded-analysis-results-artifact-name : ${{ steps.set-analysis-results-artifact-name.outputs.uploaded-analysis-results-artifact-name }}
40+ strategy :
41+ matrix :
42+ include :
43+ - os : ubuntu-latest
44+ java : 17
45+ python : 3.11
46+ miniforge : 24.9.0-0
47+ steps :
48+ - name : Assure that either artifacts-upload-name or sources-upload-name is set
49+ if : inputs.artifacts-upload-name == '' && inputs.sources-upload-name == ''
50+ run : echo "Please specify either the input parameter 'artifacts-upload-name' or 'sources-upload-name'."; exit 1
51+ - name : Checkout code-graph-analysis-pipeline
52+ uses : actions/checkout@v4
53+ with :
54+ repository : JohT/code-graph-analysis-pipeline
55+ ref : 41f3e22b5bd65351474dd23effeee91fab849a12
56+ path : code-graph-analysis-pipeline
57+ persist-credentials : false
58+
59+ - name : (Java Setup) Java Development Kit (JDK) ${{ matrix.java }}
60+ uses : actions/setup-java@v4
61+ with :
62+ distribution : " temurin"
63+ java-version : ${{ matrix.java }}
64+
65+ # "Setup Python" can be skipped if jupyter notebook analysis-results aren't needed
66+ - name : (Python Setup) Setup Cache for Conda package manager Miniforge
67+ uses : actions/cache@v4
68+ env :
69+ # Increase this value to reset cache if etc/example-environment.yml has not changed
70+ # Reference: https://github.com/conda-incubator/setup-miniconda#caching
71+ CACHE_NUMBER : 0
72+ with :
73+ path : ~/conda_pkgs_dir
74+ key :
75+ ${{ runner.os }}-conda-${{ env.CACHE_NUMBER }}-environments-${{hashFiles('**/environment.yml', '.github/workflows/*.yml') }}
76+
77+ - name : (Python Setup) Use version ${{ matrix.python }} with Conda package manager Miniforge
78+ uses : conda-incubator/setup-miniconda@v3
79+ with :
80+ python-version : ${{ matrix.python }}
81+ miniforge-version : ${{ matrix.miniforge }}
82+ activate-environment : codegraph
83+ environment-file : ./code-graph-analysis-pipeline/jupyter/environment.yml
84+ auto-activate-base : false
85+ use-only-tar-bz2 : true # IMPORTANT: This needs to be set for caching to work properly!
86+ - name : (Python Setup) Conda environment info
87+ shell : bash -el {0}
88+ run : conda info
89+
90+ - name : (Code Analysis Setup) Add code-graph-analysis-pipeline temporarily to .gitignore
91+ shell : bash
92+ run : |
93+ echo "" >> .gitignore
94+ echo "# Code Graph Analysis Pipeline" >> .gitignore
95+ echo "code-graph-analysis-pipeline/" >> .gitignore
96+
97+ name : (Code Analysis Setup) Setup Cache Analysis Downloads
98+ uses : actions/cache@v4
99+ with :
100+ path : ./code-graph-analysis-pipeline/temp/downloads
101+ key :
102+ ${{ runner.os }}-${{ hashFiles('**/*.sh') }}
103+
104+ - name : (Code Analysis Setup) Generate Neo4j Initial Password
105+ id : generate-neo4j-initial-password
106+ shell : bash
107+ run : |
108+ generated_password=$( LC_ALL=C tr -dc '[:graph:]' </dev/urandom | head -c 12; echo )
109+ echo "::add-mask::$generated_password"
110+ echo "neo4j-initial-password=$generated_password" >> "$GITHUB_OUTPUT"
111+
112+ name : (Code Analysis Setup) Initialize Analysis
113+ shell : bash
114+ working-directory : code-graph-analysis-pipeline
115+ env :
116+ NEO4J_INITIAL_PASSWORD : ${{ steps.generate-neo4j-initial-password.outputs.neo4j-initial-password }}
117+ run : ./init.sh ${{ inputs.analysis-name }}
118+
119+ - name : (Code Analysis Setup) Download sources for analysis
120+ if : inputs.sources-upload-name != ''
121+ uses : actions/download-artifact@v4
122+ with :
123+ name : ${{ inputs.sources-upload-name }}
124+ path : code-graph-analysis-pipeline/temp/${{ inputs.analysis-name }}/source/${{ inputs.analysis-name }}
125+
126+ - name : (Code Analysis Setup) Download artifacts for analysis
127+ if : inputs.artifacts-upload-name != ''
128+ uses : actions/download-artifact@v4
129+ with :
130+ name : ${{ inputs.artifacts-upload-name }}
131+ path : code-graph-analysis-pipeline/temp/${{ inputs.analysis-name }}/artifacts
132+
133+ - name : (Code Analysis) Analyze ${{ inputs.analysis-name }}
134+ working-directory : code-graph-analysis-pipeline/temp/${{ inputs.analysis-name }}
135+ # Shell type can be skipped if jupyter notebook analysis-results (and therefore conda) aren't needed
136+ shell : bash -el {0}
137+ env :
138+ NEO4J_INITIAL_PASSWORD : ${{ steps.generate-neo4j-initial-password.outputs.neo4j-initial-password }}
139+ ENABLE_JUPYTER_NOTEBOOK_PDF_GENERATION : " true"
140+ IMPORT_GIT_LOG_DATA_IF_SOURCE_IS_PRESENT : " " # Options: "none", "aggregated", "full". default = "plugin" or ""
141+ run : |
142+ TYPESCRIPT_SCAN_HEAP_MEMORY=${{ inputs.typescript-scan-heap-memory }} ./../../scripts/analysis/analyze.sh ${{ inputs.analysis-arguments }}
143+
144+ name : Assemble ENVIRONMENT_INFO
145+ run : echo "ENVIRONMENT_INFO=-${{ matrix.java }}-python-${{ matrix.python }}-miniforge-${{ matrix.miniforge }}" >> $GITHUB_ENV
146+
147+ - name : Set artifact name for uploaded analysis results
148+ id : set-analysis-results-artifact-name
149+ run : echo "uploaded-analysis-results-artifact-name=code-analysis-results-java-${{ env.ENVIRONMENT_INFO }}" >> $GITHUB_OUTPUT
150+
151+ # Upload logs and unfinished analysis-results in case of an error for troubleshooting
152+ - name : (Code Analysis Results) Archive failed run with logs and unfinished analysis-results
153+ if : failure()
154+ uses : actions/upload-artifact@v4
155+ with :
156+ name : java-code-analysis-logs-java-${{ matrix.java }}-python-${{ matrix.python }}-miniforge-${{ matrix.miniforge }}
157+ path : |
158+ ./code-graph-analysis-pipeline/temp/**/runtime/*
159+ ./code-graph-analysis-pipeline/temp/**/reports/*
160+ retention-days : 5
161+
162+ # Upload successful analysis-results in case they are needed for troubleshooting
163+ - name : (Code Analysis Results) Archive successful analysis-results
164+ if : success()
165+ uses : actions/upload-artifact@v4
166+ with :
167+ name : ${{ steps.set-analysis-results-artifact-name.outputs.uploaded-analysis-results-artifact-name }}
168+ path : ./code-graph-analysis-pipeline/temp/**/reports/*
169+ if-no-files-found : error
170+ retention-days : 5
171+
172+ # Upload Database Export
173+ # Only possible after an export with "./../../scripts/analysis/analyze.sh --report DatabaseCsvExport"
174+ # Won't be done here because of performance and security concerns
175+ # - name: Archive exported database
176+ # uses: actions/upload-artifact@v3
177+ # with:
178+ # name: typescript-code-analysis-database-export-${{ matrix.java }}-python-${{ matrix.python }}-miniforge-${{ matrix.miniforge }}
179+ # path: ./code-graph-analysis-pipeline/temp/**/import
180+ # if-no-files-found: error
181+ # retention-days: 5
0 commit comments