1# Copyright 2022 The Sigstore Authors.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15# https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#changing-the-languages-that-are-analyzed
16name: CodeQL
17on:
18 push:
19 branches: [ main ]
20 paths-ignore:
21 - '**.md'
22 pull_request:
23 # The branches below must be a subset of the branches above
24 branches: [ main ]
25 schedule:
26 - cron: '45 10 * * 1'
27
28permissions:
29 contents: read
30
31jobs:
32 analyze:
33 name: Analyze
34 runs-on: ubuntu-latest
35 permissions:
36 security-events: write
37 strategy:
38 fail-fast: false
39 matrix:
40 language: [ 'go' ]
41 steps:
42 - name: Checkout repository
43 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
44
45 # Initializes the CodeQL tools for scanning.
46 - name: Initialize CodeQL
47 uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
48 with:
49 languages: ${{ matrix.language }}
50
51 - name: Autobuild
52 uses: github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
53
54 - name: Perform CodeQL Analysis
55 uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
View as plain text