Adds reusables and content to support public beta release of CodeQL f…

…or Kotlin (github#32859)

Co-authored-by: Felicity Chapman <[email protected]>

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning.md

@@ -441,11 +441,11 @@ If you have a workflow that generates more than one {% data variables.product.pr
 {% raw %}
 ``` yaml
 packs:
-  # Use these packs for JavaScript analysis
+  # Use these packs for JavaScript and TypeScript analysis
   javascript:
     - scope/js-pack1
     - scope/js-pack2
-  # Use these packs for Java analysis
+  # Use these packs for Java and Kotlin analysis
   java:
     - scope/java-pack1
     - scope/[email protected]

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md

@@ -4,6 +4,7 @@ shortTitle: Configure compiled languages
 intro: 'You can configure how {% data variables.product.prodname_dotcom %} uses the {% data variables.code-scanning.codeql_workflow %} to scan code written in compiled languages for vulnerabilities and errors.'
 product: '{% data reusables.gated-features.code-scanning %}'
 permissions: 'If you have write permissions to a repository, you can configure {% data variables.product.prodname_code_scanning %} for that repository.'
+miniTocMaxHeadingLevel: 3
 redirect_from:
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning-for-compiled-languages
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-the-codeql-action-for-compiled-languages
@@ -25,6 +26,7 @@ topics:
   - C/C++
   - C#
   - Java
+  - Kotlin
 ---
 
 
@@ -41,7 +43,7 @@ For general information about configuring {% data variables.product.prodname_cod
 ##  About autobuild for {% data variables.product.prodname_codeql %}
 
 {% data variables.product.prodname_code_scanning_capc %} works by running queries against one or more databases. Each database contains a representation of all of the code in a single language in your repository.   
-For the compiled languages C/C++, C#,{% ifversion codeql-go-autobuild %} Go,{% endif %} and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
+For the compiled languages C/C++, C#,{% ifversion codeql-go-autobuild %} Go,{% endif %}{% ifversion codeql-kotlin-beta %} Kotlin, {% endif %} and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
 
 {% data reusables.code-scanning.autobuild-compiled-languages %}
 
@@ -108,7 +110,7 @@ The `autobuild` process attempts to autodetect a suitable way to install the dep
 
 {% endif %}
 
-### Java
+### Java {% ifversion codeql-kotlin-beta %} and Kotlin {% endif %}
 
 | Supported system type | System name |
 |----|----|

content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md

@@ -74,7 +74,7 @@ You can display the command-line help for any command using the <nobr>`--help`</
 | Option | Required | Usage |
 |--------|:--------:|-----|
 | `<database>` | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the name and location of a directory to create for the {% data variables.product.prodname_codeql %} database. The command will fail if you try to overwrite an existing directory. If you also specify `--db-cluster`, this is the parent directory and a subdirectory is created for each language analyzed.|
-| <nobr>`--language`</nobr> | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the identifier for the language to create a database for, one of: `{% data reusables.code-scanning.codeql-languages-keywords %}` (use `javascript` to analyze TypeScript code). When used with <nobr>`--db-cluster`</nobr>, the option accepts a comma-separated list, or can be specified more than once.
+| <nobr>`--language`</nobr> | {% octicon "check-circle-fill" aria-label="Required" %} | Specify the identifier for the language to create a database for, one of: `{% data reusables.code-scanning.codeql-languages-keywords %}` (use `javascript` to analyze TypeScript code {% ifversion codeql-kotlin-beta %} and `java` to analyze Kotlin code{% endif %}). When used with <nobr>`--db-cluster`</nobr>, the option accepts a comma-separated list, or can be specified more than once.
 | <nobr>`--command`</nobr> | | Recommended. Use to specify the build command or script that invokes the build process for the codebase. Commands are run from the current folder or, where it is defined, from <nobr>`--source-root`</nobr>. Not needed for Python and JavaScript/TypeScript analysis. |
 | <nobr>`--db-cluster`</nobr> | | Optional. Use in multi-language codebases to generate one database for each language specified by <nobr>`--language`</nobr>.
 | <nobr>`--no-run-unnecessary-builds`</nobr> | | Recommended. Use to suppress the build command for languages where the {% data variables.product.prodname_codeql_cli %} does not need to monitor the build (for example, Python and JavaScript/TypeScript).

data/allowed-topics.js

@@ -86,6 +86,7 @@ export default [
   'Java',
   'JavaScript',
   'Jenkins',
+  'Kotlin',
   'Legal',
   'LFS',
   'Licensing',

data/features/codeql-kotlin-beta.yml

@@ -0,0 +1,5 @@
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '>3.8'
+  ghae: '>3.8'

data/reusables/code-scanning/alerts-found-in-generated-code.md

@@ -1,3 +1,3 @@
-For compiled languages like Java,{% ifversion codeql-go-autobuild %} Go,{% endif %} C, C++, and C#, {% data variables.product.prodname_codeql %} analyzes all of the code which was built during the workflow run. To limit the amount of code being analyzed, build ony the code which you wish to analyze by specifying your own build steps in a `run` block. You can combine specifying your own build steps with using the `paths` or `paths-ignore` filters on the `pull_request` and `push` events to ensure that your workflow only runs when specific code is changed. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)."
+For compiled languages like Java,{% ifversion codeql-kotlin-beta %} Kotlin, {% endif %}{% ifversion codeql-go-autobuild %} Go,{% endif %} C, C++, and C#, {% data variables.product.prodname_codeql %} analyzes all of the code which was built during the workflow run. To limit the amount of code being analyzed, build ony the code which you wish to analyze by specifying your own build steps in a `run` block. You can combine specifying your own build steps with using the `paths` or `paths-ignore` filters on the `pull_request` and `push` events to ensure that your workflow only runs when specific code is changed. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)."
 
 For languages like{% ifversion codeql-go-autobuild %}{% else %} Go,{% endif %} JavaScript, Python, and TypeScript, that {% data variables.product.prodname_codeql %} analyzes without compiling the source code, you can specify additional configuration options to limit the amount of code to analyze. For more information, see "[Specifying directories to scan](/code-security/secure-coding/configuring-code-scanning#specifying-directories-to-scan)."

data/reusables/code-scanning/autobuild-add-build-steps.md

@@ -1,2 +1,2 @@
-If `autobuild` fails, or you want to analyze a different set of source files from those built by the `autobuild` process, you'll need to remove the `autobuild` step from the workflow, and manually add build steps. For C/C++, C#, Go, and Java projects, {% data variables.product.prodname_codeql %} will analyze whatever source code is built by your specified build steps.
+If `autobuild` fails, or you want to analyze a different set of source files from those built by the `autobuild` process, you'll need to remove the `autobuild` step from the workflow, and manually add build steps. For C/C++, C#, Go,{% ifversion codeql-kotlin-beta %} Kotlin, {% endif %} and Java projects, {% data variables.product.prodname_codeql %} will analyze whatever source code is built by your specified build steps.
 

data/reusables/code-scanning/autobuild-compiled-languages.md

@@ -1 +1 @@
-For the supported compiled languages, you can use the `autobuild` action in the {% data variables.code-scanning.codeql_workflow %} to build your code. This avoids you having to specify explicit build commands for C/C++, C#,{% ifversion codeql-go-autobuild %} Go,{% endif %} and Java.
+For the supported compiled languages, you can use the `autobuild` action in the {% data variables.code-scanning.codeql_workflow %} to build your code. This avoids you having to specify explicit build commands for C/C++, C#,{% ifversion codeql-go-autobuild %} Go,{% endif %}{% ifversion codeql-kotlin-beta %} Kotlin, {% endif %} and Java.

data/reusables/code-scanning/codeql-languages-bullets.md

@@ -12,8 +12,15 @@
 
 **Note**: {% data variables.product.prodname_codeql %} analysis for Ruby is currently in beta. During the beta, analysis of Ruby will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages.
 
+{% endnote %}
+{% endif %}{% endif %}{% ifversion codeql-kotlin-beta %}
+- Kotlin
+
+{% note %}
+
+**Note**: {% data variables.product.prodname_codeql %} analysis for Kotlin is currently in beta. During the beta, analysis of Kotlin will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages.
+
 {% endnote %}
 {% endif %}
 
 For more information, see the documentation on the {% data variables.product.prodname_codeql %} website: "[Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/)."
-{% endif %}