github.com/ungtb10d/cli/v2@v2.0.0-20221110210412-98537dd9d6a1/.github/workflows/codeql.yml

github.com/ungtb10d/cli/v2@v2.0.0-20221110210412-98537dd9d6a1/.github/workflows/codeql.yml (about)

     1  name: Code Scanning
     2  
     3  on:
     4    push:
     5      branches: [trunk]
     6    pull_request:
     7      branches: [trunk]
     8      paths-ignore:
     9        - '**/*.md'
    10    schedule:
    11      - cron: "0 0 * * 0"
    12  
    13  permissions:
    14    actions: read  # for github/codeql-action/init to get workflow details
    15    contents: read  # for actions/checkout to fetch code
    16    security-events: write  # for github/codeql-action/analyze to upload SARIF results
    17  
    18  jobs:
    19    CodeQL-Build:
    20      runs-on: ubuntu-latest
    21  
    22      steps:
    23        - name: Check out code
    24          uses: actions/checkout@v3
    25  
    26        - name: Initialize CodeQL
    27          uses: github/codeql-action/init@v2
    28          with:
    29            languages: go
    30            queries: security-and-quality
    31  
    32        - name: Perform CodeQL Analysis
    33          uses: github/codeql-action/analyze@v2