Skip to content
CodeQL Security Analysis

CodeQL Security Analysis #33

Sign in to view logs

CodeQL Security Analysis

CodeQL Security Analysis #33

Workflow file for this run

.github/workflows/codeql.yml at ee8b23b
name: CodeQL Security Analysis
on:
push:
branches: [ main, master ]
paths:
- '**.go'
- 'go.mod'
- 'go.sum'
- '.github/workflows/codeql.yml'
- '.github/codeql-config.yml' # Trigger on config changes too
pull_request:
branches: [ main, master ]
paths:
- '**.go'
- 'go.mod'
- 'go.sum'
- '.github/codeql-config.yml'
schedule:
# Run every Monday at midnight UTC
- cron: '0 0 * * 1'
workflow_dispatch:
permissions:
actions: read
contents: read
security-events: write
jobs:
analyze:
name: 🔐 Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 360
strategy:
fail-fast: false
matrix:
language: [ 'go' ]
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v6
with:
go-version: '1.24.x'
cache: true
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
# ⬇️ CRITICAL: Links to your config file ⬇️
config-file: ./.github/codeql-config.yml
- name: Autobuild
uses: github/codeql-action/autobuild@v4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{ matrix.language }}"
upload: true
- name: Generate summary
if: always()
run: |
echo "## 🔐 CodeQL Security Analysis" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Language:** Go" >> $GITHUB_STEP_SUMMARY
echo "**Status:** ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "📊 [View detailed results](https://github.com/${{ github.repository }}/security/code-scanning)" >> $GITHUB_STEP_SUMMARY