diff options
author | Evgeny Vereshchagin <evvers@ya.ru> | 2021-11-10 23:02:05 +0000 |
---|---|---|
committer | Frantisek Sumsal <frantisek@sumsal.cz> | 2021-11-12 15:47:15 +0000 |
commit | 33796123bccabdcc91ee9b87b5c042710bf50362 (patch) | |
tree | e2f2f21d89efc0ff1fa40162d739efa97d35a0f3 /.github | |
parent | be7148ebed5d73c4a76bc6089ebe2e82d8fa33e0 (diff) | |
download | systemd-33796123bccabdcc91ee9b87b5c042710bf50362.tar.gz |
ci: run codeql-analysis daily
https://github.com/github/codeql-action
Apparently to judge from a couple of warnings I haven't seen
before it's a bit different from LGTM.
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000000..0f4a04ab53 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,42 @@ +name: "CodeQL" + +on: + # It takes the workflow approximately 30 minutes to analyze the code base + # so it doesn't seem to make much sense to trigger it on every PR or commit. + # It runs daily at 01:00 to avoid colliding with the Coverity workflow. + schedule: + - cron: '0 1 * * *' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }} + cancel-in-progress: true + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'cpp', 'python' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + + - run: sudo -E .github/workflows/unit_tests.sh SETUP + + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 |