aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows
diff options
context:
space:
mode:
authorsudoforge <no-reply@sudoforge.com>2024-07-23 00:52:36 -0700
committersudoforge <9c001b67637a@sudoforge.com>2024-07-23 08:25:12 -0700
commit1fa858dcf4c4e7b572316705d70c08545abae7ff (patch)
tree49cbec272fbbde30a215d05fdcdc8af69ff7ceae /.github/workflows
parent7918af669fc1e99d2d22e7bcde0307c9a8bd1020 (diff)
downloadgit-bug-1fa858dcf4c4e7b572316705d70c08545abae7ff.tar.gz
fix: move codeql into an independent workflow
This seems to be necessary in order to support the advanced configuration. Change-Id: Ia5303123b3dcc22f77cdde4d514b484f29c60ca6
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/lint.yml11
-rw-r--r--.github/workflows/scan.yml32
2 files changed, 32 insertions, 11 deletions
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 2a643989..6b6434d2 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -35,17 +35,6 @@ jobs:
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v3
- with:
- languages: go, javascript
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v3
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v3
-
spelling:
runs-on: ubuntu-latest
steps:
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
new file mode 100644
index 00000000..ed69aed7
--- /dev/null
+++ b/.github/workflows/scan.yml
@@ -0,0 +1,32 @@
+name: scan
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+ schedule:
+ - cron: '0 12 * * 6'
+
+permissions:
+ security-events: write
+
+jobs:
+ codeql:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 2
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: go, javascript
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3