Skip to content

secure github workflows #38

secure github workflows

secure github workflows #38

Workflow file for this run

name: "CodeQL"
on:
push:
branches: [ "main" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '36 18 * * 3'
permissions:
contents: read
jobs:
analyze:
name: Analyze
runs-on: 'ubuntu-latest'
timeout-minutes: 360
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'cpp', 'go' ]
steps:
- name: Checkout repository
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@1500a131381b66de0c52ac28abb13cd79f4b7ecc # v2.22.12
with:
languages: ${{ matrix.language }}
- name: Build golang
if: matrix.language == 'go'
run: |
builder/build_docker_image
builder/build
- name: Build c
if: matrix.language == 'cpp'
run: |
cd src/calcfreq/
make
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@1500a131381b66de0c52ac28abb13cd79f4b7ecc # v2.22.12
with:
category: "/language:${{matrix.language}}"