From 991d3e916a37c852eba60c0f717ce1500dfc279d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20Miguel=20Benito=20Calzada?= <bjesus@vmware.com>
Date: Fri, 11 Nov 2022 15:53:56 +0100
Subject: [PATCH] Extract codeql from GHA linters (#5629)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In this PR we take the `CodeQL` linter out of the GHA `linters.yml`
workflow, so it is no longer part of the `Kubeapps Main Pipeline`. We
have taken this decision because the CodeQL analysis for `golang` is
really slow (~30 min) and delays the pipelines, while the value it adds
is not so clear. That being said, we have extracted to an independent
workflow as it was before introducing the reusable linters workflow.

Signed-off-by: Jesús Benito Calzada <bjesus@vmware.com>
---
 .../{codeql-reusable.yml => codeql-analysis.yml} | 16 +++++++++-------
 .github/workflows/codeql-scheduled.yml           | 14 --------------
 .github/workflows/linters.yml                    |  5 -----
 3 files changed, 9 insertions(+), 26 deletions(-)
 rename .github/workflows/{codeql-reusable.yml => codeql-analysis.yml} (91%)
 delete mode 100644 .github/workflows/codeql-scheduled.yml

diff --git a/.github/workflows/codeql-reusable.yml b/.github/workflows/codeql-analysis.yml
similarity index 91%
rename from .github/workflows/codeql-reusable.yml
rename to .github/workflows/codeql-analysis.yml
index b43289a2520..60815e9595a 100644
--- a/.github/workflows/codeql-reusable.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -2,13 +2,15 @@
 # SPDX-License-Identifier: Apache-2.0
 
 ---
+name: CodeQL Analysis
+
 on:
-  workflow_call:
-    inputs:
-      golang_version:
-        type: string
-        required: false
-        default: "1.19"
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  schedule:
+    - cron: "0 5 * * *"
 
 jobs:
   analyze:
@@ -36,7 +38,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ inputs.golang_version }}
+          go-version: 1.19
         if: ${{ matrix.language == 'go' }}
 
       # Initializes the CodeQL tools for scanning.
diff --git a/.github/workflows/codeql-scheduled.yml b/.github/workflows/codeql-scheduled.yml
deleted file mode 100644
index ea33c27e013..00000000000
--- a/.github/workflows/codeql-scheduled.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-# Copyright 2022 the Kubeapps contributors
-# SPDX-License-Identifier: Apache-2.0
-
----
-name: "CodeQL"
-
-on:
-  schedule:
-    - cron: "0 5 * * *"
-  workflow_dispatch:
-
-jobs:
-  CodeQL:
-    uses: ./.github/workflows/codeql-reusable.yml
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 953999a57ca..47aa79af4d3 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -47,8 +47,3 @@ jobs:
       - uses: actions/checkout@v3
       - name: Check license Headers
         uses: apache/skywalking-eyes/header@v0.4.0
-
-  CodeQL:
-    uses: ./.github/workflows/codeql-reusable.yml
-    with:
-      golang_version: ${{ inputs.golang_version }}