1#
2# Copyright 2021 The Sigstore Authors.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
# CodeQL static analysis. Runs for pushes and pull requests that target main
# or a release-* branch, and once a week on a timer.
name: CodeQL
on:
  push:
    branches:
      - main
      - 'release-**'
  # pull_request (not pull_request_target): runs triggered from forks get a
  # read-only token and no repository secrets.
  pull_request:
    branches:
      - main
      - 'release-**'
  schedule:
    # 10:45 UTC every Monday.
    - cron: '45 10 * * 1'

# Token scopes for every job in this workflow; any scope not listed here is
# withheld. contents:read covers the checkout, security-events:write lets the
# analysis results be uploaded to code scanning.
permissions:
  contents: read
  security-events: write

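jobs:
  # Single job: build the Go code under CodeQL tracing and upload the results.
  # Every action is pinned to a full commit SHA; the trailing comment records
  # the release tag that SHA corresponds to.
  analyze:
    name: Analyze
    runs-on: ubuntu-latest

    strategy:
      # Let every matrix entry run to completion so a failure in one language
      # does not cancel the others.
      fail-fast: false
      matrix:
        language: ['go']
    steps:
      - name: Checkout repository
        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
        with:
          # No later step pushes or fetches, so keep the job token out of
          # .git/config while the checked-out code is being built.
          persist-credentials: false

      # The Go toolchain version is taken from the golang image reference in
      # the Dockerfile. On pull_request runs that file comes from the proposed
      # change, so only the first match is used and it must look like a
      # version before it is appended to GITHUB_ENV; unchecked file content
      # could otherwise add extra lines to the job environment.
      - name: Extract version of Go to use
        run: |
          version="$(awk '/golang/ { print $2; exit }' Dockerfile | cut -d '@' -f 1 | cut -d ':' -f 2)"
          if [[ ! "$version" =~ ^[0-9][0-9A-Za-z.-]*$ ]]; then
            echo "::error::could not derive a Go version from Dockerfile"
            exit 1
          fi
          echo "GOVERSION=${version}" >> "$GITHUB_ENV"
      - name: Set up Go
        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
        with:
          go-version: '${{ env.GOVERSION }}'

      # Initializes the CodeQL tools for scanning.
      # NOTE(review): codeql-action v2 has been deprecated upstream in favour
      # of v3. When bumping, move init, autobuild and analyze together and keep
      # pinning by full commit SHA.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # v2.16.1
        with:
          languages: '${{ matrix.language }}'

      # Builds the checked-out Go code so CodeQL can observe the compilation.
      - name: Autobuild
        uses: github/codeql-action/autobuild@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # v2.16.1

      # Runs the queries and uploads the results; the upload is what needs the
      # security-events: write scope.
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # v2.16.1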