Update detekt.yml

.github/workflows/detekt.yml

@@ -6,80 +6,78 @@ on:
   pull_request:
     branches: [ "main" ]
   schedule:
-     - cron: '38 15 * * 4'
+    - cron: '38 15 * * 4'
   workflow_dispatch:
 
 env:
   DETEKT_RELEASE_TAG: v1.20.0
+  JAVA_HOME: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/17.0.11-9/x64
+  JAVA_HOME_17_X64: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/17.0.11-9/x64
 
 jobs:
   scan:
     name: Scan
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-    - name: Set up JDK 17
-      uses: actions/setup-java@v3
-      with:
-        distribution: 'temurin'
-        java-version: '17'
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
 
-    - name: Install dependencies
-      run: |
-        chmod +x ./gradlew
-        ./gradlew dependencies
+      - name: Install dependencies and get Detekt download URL
+        run: |
+          ./gradlew dependencies
 
-    - name: Get Detekt download URL
-      id: detekt_info
-      env:
-        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      run: |
-        gh api graphql --field tagName=$DETEKT_RELEASE_TAG --raw-field query='
-          query getReleaseAssetDownloadUrl($tagName: String!) {
-            repository(name: "detekt", owner: "detekt") {
-              release(tagName: $tagName) {
-                releaseAssets(name: "detekt", first: 1) {
-                  nodes {
-                    downloadUrl
+          gh api graphql --field tagName=$DETEKT_RELEASE_TAG --raw-field query='
+            query getReleaseAssetDownloadUrl($tagName: String!) {
+              repository(name: "detekt", owner: "detekt") {
+                release(tagName: $tagName) {
+                  releaseAssets(name: "detekt", first: 1) {
+                    nodes {
+                      downloadUrl
+                    }
+                  }
+                  tagCommit {
+                    oid
                   }
-                }
-                tagCommit {
-                  oid
                 }
               }
             }
-          }
-        ' > gh_response.json
+          ' > gh_response.json
 
-        DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.tagCommit.oid' gh_response.json)
-        if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
-          echo "Release tag doesn't match expected commit SHA"
-          exit 1
-        fi
+          DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.tagCommit.oid' gh_response.json)
+          if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
+            echo "릴리스 태그와 관련된 커밋 SHA가 예상되는 값과 일치하지 않습니다"
+            exit 1
+          fi
 
-        DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
-        echo "download_url=$DETEKT_DOWNLOAD_URL" >> $GITHUB_ENV
+          DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
+          echo "download_url=$DETEKT_DOWNLOAD_URL" >> $GITHUB_ENV
 
-    - name: Setup Detekt
-      run: |
-        dest=$(mktemp -d)
-        curl --request GET --url ${{ steps.detekt_info.outputs.download_url }} --silent --location --output $dest/detekt
-        chmod a+x $dest/detekt
-        echo $dest >> $GITHUB_PATH
+      - name: Setup Detekt
+        run: |
+          dest=$(mktemp -d)
+          curl --request GET --url ${{ env.download_url }} --silent --location --output $dest/detekt
+          chmod a+x $dest/detekt
+          echo $dest >> $GITHUB_PATH
 
-    - name: Run Detekt
-      continue-on-error: true
-      run: |
-        detekt --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
+      - name: Run Detekt
+        continue-on-error: true
+        run: |
+          detekt --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
 
-    - name: Make artifact location URIs relative
-      continue-on-error: true
-      run: |
-        jq --arg github_workspace ${{ github.workspace }} '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' ${{ github.workspace }}/detekt.sarif.json > ${{ github.workspace }}/detekt.sarif.json
+      - name: Make artifact location URIs relative
+        continue-on-error: true
+        run: |
+          jq --arg github_workspace ${{ github.workspace }} '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' ${{ github.workspace }}/detekt.sarif.json > ${{ github.workspace }}/detekt.sarif.json
 
-    - uses: github/codeql-action/upload-sarif@v2
-      with:
-        sarif_file: ${{ github.workspace }}/detekt.sarif.json
-        checkout_path: ${{ github.workspace }}
+      - name: Upload Detekt results
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: ${{ github.workspace }}/detekt.sarif.json
+          checkout_path: ${{ github.workspace }}