Skip to content

Commit

Permalink
build: add CodeQL check
Browse files Browse the repository at this point in the history
Signed-off-by: Shiwei Zhang <[email protected]>
  • Loading branch information
shizhMSFT committed Dec 27, 2023
1 parent 9650855 commit da46b7d
Showing 1 changed file with 56 additions and 0 deletions.
56 changes: 56 additions & 0 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
# Copyright The ORAS Authors.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: CodeQL

on:
push:
branches:
- main
- release-*
pull_request:
branches:
- main
- release-*
schedule:
- cron: '27 15 * * 0'

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
matrix:
dotnet-version: ['8.0.x']
fail-fast: false
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up dotnet ${{ matrix.dotnet-version }} environment
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: csharp
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:csharp"

0 comments on commit da46b7d

Please sign in to comment.