Create workflows/codeql-analysis.yml
Browse files
.github/workflows/codeql-analysis.yml
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
name: CodeQL Analysis
|
| 2 |
+
|
| 3 |
+
on:
|
| 4 |
+
push:
|
| 5 |
+
branches-ignore:
|
| 6 |
+
- 'dependabot/**'
|
| 7 |
+
pull_request:
|
| 8 |
+
branches: [ '**' ]
|
| 9 |
+
schedule:
|
| 10 |
+
- cron: '0 8 * * *'
|
| 11 |
+
workflow_dispatch:
|
| 12 |
+
|
| 13 |
+
jobs:
|
| 14 |
+
analyze:
|
| 15 |
+
name: Analyze
|
| 16 |
+
runs-on: ubuntu-latest
|
| 17 |
+
|
| 18 |
+
steps:
|
| 19 |
+
- name: Checkout repository
|
| 20 |
+
uses: actions/checkout@v2
|
| 21 |
+
|
| 22 |
+
- name: Cache CodeQL database
|
| 23 |
+
uses: actions/cache@v2
|
| 24 |
+
with:
|
| 25 |
+
path: ~/.codeql
|
| 26 |
+
key: ${{ runner.os }}-codeql-${{ hashFiles('**/qlpack.yml') }}
|
| 27 |
+
restore-keys: ${{ runner.os }}-codeql-
|
| 28 |
+
|
| 29 |
+
- name: Initialize CodeQL
|
| 30 |
+
uses: github/codeql-action/init@v2
|
| 31 |
+
with:
|
| 32 |
+
languages: 'python'
|
| 33 |
+
|
| 34 |
+
- name: Perform CodeQL Analysis
|
| 35 |
+
uses: github/codeql-action/analyze@v2
|