Skip to content

Commit fc15383

Browse files
Merge pull request #22 from cli/wm-codeql
Add CodeQL workflow
2 parents 04238e5 + 2bcb99e commit fc15383

1 file changed

Lines changed: 45 additions & 0 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
name: Code Scanning
2+
3+
on:
4+
push:
5+
branches: [main]
6+
pull_request:
7+
branches: [main]
8+
paths-ignore:
9+
- '**/*.md'
10+
schedule:
11+
- cron: "0 0 * * 0"
12+
13+
permissions:
14+
actions: read # for github/codeql-action/init to get workflow details
15+
contents: read # for actions/checkout to fetch code
16+
security-events: write # for github/codeql-action/analyze to upload SARIF results
17+
18+
jobs:
19+
CodeQL-Build:
20+
runs-on: ubuntu-latest
21+
strategy:
22+
fail-fast: false
23+
matrix:
24+
language: ['go', 'actions']
25+
26+
steps:
27+
- name: Check out code
28+
uses: actions/checkout@v6
29+
30+
- name: Setup Go
31+
if: matrix.language == 'go'
32+
uses: actions/setup-go@v6
33+
with:
34+
go-version-file: "go.mod"
35+
36+
- name: Initialize CodeQL
37+
uses: github/codeql-action/init@v4
38+
with:
39+
languages: ${{ matrix.language }}
40+
queries: security-and-quality
41+
42+
- name: Perform CodeQL Analysis
43+
uses: github/codeql-action/analyze@v4
44+
with:
45+
category: "/language:${{ matrix.language }}"

0 commit comments

Comments
 (0)