| name: "CodeQL" |
| |
| on: |
| push: |
| branches: [ "main" ] |
| pull_request: |
| branches: [ "main" ] |
| schedule: |
| - cron: '24 1 * * 5' |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| analyze: |
| name: Analyze |
| runs-on: ubuntu-latest |
| timeout-minutes: 360 |
| permissions: |
| # required for all workflows |
| security-events: write |
| |
| # only required for workflows in private repositories |
| actions: read |
| contents: read |
| |
| strategy: |
| fail-fast: false |
| matrix: |
| language: [ 'go' ] |
| |
| steps: |
| - name: Checkout repository |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 |
| |
| # Initializes the CodeQL tools for scanning. |
| - name: Initialize CodeQL |
| uses: github/codeql-action/init@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 |
| with: |
| languages: ${{ matrix.language }} |
| |
| # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). |
| # If this step fails, then you should remove it and run the build manually (see below) |
| - name: Autobuild |
| uses: github/codeql-action/autobuild@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 |
| |
| - name: Perform CodeQL Analysis |
| uses: github/codeql-action/analyze@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 |
| with: |
| category: "/language:${{matrix.language}}" |
