github-actions-python/.github/workflows/codeql.yml at main · percebus/github-actions-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
name: CodeQL

# SRC: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
on:
  workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
  push:
    branches: [main]
  pull_request:
    branches: [main]
  schedule:
    - cron: "0 0 * * 0" # Weekly on Sundays at midnight

concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}
  cancel-in-progress: true

jobs:
  codeQL:
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language:
          - actions

    name: "CodeQL: ${{ matrix.language }}"
    uses: percebus/github-actions-compliance/.github/workflows/codeql_analyze.yml@main
    with:
      language: ${{ matrix.language }}