1name: "CodeQL Scan"
2
3on:
4 push:
5 branches:
6 - main
7 pull_request:
8 branches:
9 - main
10
11permissions:
12 contents: read
13
14jobs:
15 CodeQL-Build:
16 if: github.repository == 'containerd/continuity'
17 permissions:
18 actions: read # for github/codeql-action/init to get workflow details
19 contents: read # for actions/checkout to fetch code
20 security-events: write # for github/codeql-action/analyze to upload SARIF results
21 strategy:
22 fail-fast: false
23
24 runs-on: ubuntu-22.04
25
26 timeout-minutes: 30
27
28 steps:
29 - name: Checkout repository
30 uses: actions/checkout@v3
31
32 - uses: actions/setup-go@v3
33 with:
34 go-version: 1.20.x
35
36 - name: Initialize CodeQL
37 uses: github/codeql-action/init@v2
38
39 - run: make build binaries
40
41 - name: Perform CodeQL Analysis
42 uses: github/codeql-action/analyze@v2
View as plain text