ci-workflows/.github/workflows/codeql.yml at 4af117130b4ab487dbcf971fa8fdb0eca28dce41 · go-openapi/ci-workflows · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: "CodeQL"

on:
  workflow_call:

permissions:
  contents: read

jobs:
  analyze:
    name: Analyze.
    runs-on: ubuntu-latest
    timeout-minutes: 360
    permissions:
      contents: read
      security-events: write
      # actions: read # <- is needed only for private repositories
    strategy:
      fail-fast: false
      matrix:
        language: ['go','actions']
    steps:
    -
      name: Checkout repository
      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
    -
      # Initializes the CodeQL tools for scanning.
      name: Initialize CodeQL
      uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
      with:
        languages: ${{ matrix.language }}
    -
      name: Analyze ${{ matrix.language }}
      uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8