File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ name : " CodeQL"
2+
3+ on :
4+ push :
5+ branches : ["main"]
6+ pull_request :
7+ # The branches below must be a subset of the branches above
8+ branches : ["main"]
9+ schedule :
10+ # run every week at 10:24 on Thursday
11+ - cron : " 24 10 * * 4"
12+
13+ jobs :
14+ analyze :
15+ name : Analyze
16+ runs-on : ubuntu-latest
17+ permissions :
18+ actions : read
19+ contents : read
20+ security-events : write
21+
22+ strategy :
23+ fail-fast : false
24+ matrix :
25+ language : ["go", "javascript"]
26+
27+ steps :
28+ - name : Checkout repository
29+ uses : actions/checkout@v3
30+
31+ - name : Initialize CodeQL
32+ uses : github/codeql-action/init@v2
33+ with :
34+ languages : ${{ matrix.language }}
35+
36+ - name : Setup Go
37+ if : matrix.language == 'go'
38+ uses : actions/setup-go@v3
39+ with :
40+ go-version : " ~1.19"
41+
42+ - name : Go Cache Paths
43+ if : matrix.language == 'go'
44+ id : go-cache-paths
45+ run : |
46+ echo "::set-output name=go-mod::$(go env GOMODCACHE)"
47+
48+ name : Go Mod Cache
49+ if : matrix.language == 'go'
50+ uses : actions/cache@v3
51+ with :
52+ path : ${{ steps.go-cache-paths.outputs.go-mod }}
53+ key : ${{ runner.os }}-release-go-mod-${{ hashFiles('**/go.sum') }}
54+
55+ - name : Remove Makefile # workaround to prevent CodeQL from building site
56+ if : matrix.language == 'go'
57+ run : |
58+ # Disable Analysis step from trying to build the project.
59+ rm Makefile
60+
61+ name : Perform CodeQL Analysis
62+ uses : github/codeql-action/analyze@v2
63+ with :
64+ category : " /language:${{matrix.language}}"
Original file line number Diff line number Diff line change 11{
22 "recommendations" : [
3+ " github.vscode-codeql"
34 " golang.go"
45 " hashicorp.terraform"
56 " esbenp.prettier-vscode"
You can’t perform that action at this time.
0 commit comments