github.com/onflow/atree@v0.6.0/.github/workflows/codeql-analysis.yml (about)

     1  name: "CodeQL"
     2  
     3  # Remove default permissions at top level and grant in jobs.
     4  permissions: {}
     5  
     6  on:
     7    push:
     8      branches:
     9      - main
    10      - 'feature/**'
    11      - 'v**'  
    12    pull_request:
    13      branches:
    14      - main
    15      - 'feature/**'
    16      - 'v**'
    17    schedule:
    18      - cron: '30 5 * * 4'
    19  
    20  jobs:
    21    analyze:
    22      name: Analyze
    23      runs-on: ubuntu-latest
    24      permissions:
    25        actions: read
    26        contents: read
    27        security-events: write
    28  
    29      strategy:
    30        fail-fast: false
    31        matrix:
    32          language: [ 'go' ]
    33  
    34      steps:
    35      - name: Checkout repository
    36        uses: actions/checkout@v3
    37        
    38      - name: Set up Go 1.19
    39        uses: actions/setup-go@v3
    40        with:
    41          go-version: '1.19'
    42          check-latest: true
    43  
    44      # Initializes the CodeQL tools for scanning.
    45      - name: Initialize CodeQL
    46        uses: github/codeql-action/init@v2
    47        with:
    48          languages: ${{ matrix.language }}
    49  
    50      # If this step fails, then you should remove it and run the build manually (see below)
    51      - name: Autobuild
    52        uses: github/codeql-action/autobuild@v2
    53  
    54      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
    55      #    and modify them (or add more) to build your code if your project
    56      #    uses a compiled language
    57  
    58      #- run: |
    59      #   make bootstrap
    60      #   make release
    61  
    62      - name: Perform CodeQL Analysis
    63        uses: github/codeql-action/analyze@v2