name: Nightly CodeQL analysis

on:
  workflow_dispatch:
  schedule:
    - cron: '30 1 * * *'

jobs:
  analyze:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Setup Java 17
        uses: actions/setup-java@v2
        with:
          distribution: temurin
          java-version: 17

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v1
        with:
          languages: java

      - uses: gradle/gradle-build-action@v2
        env:
          # see https://github.com/github/codeql-action/issues/972
          JAVA_TOOL_OPTIONS: "--add-opens=jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED"
        with:
          # skipping build cache is needed so that all modules will be analyzed
          arguments: assemble --no-build-cache

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v1

  issue:
    name: Open issue on failure
    needs: analyze
    if: failure()
    uses: ./.github/workflows/reusable-create-issue-for-failure.yml