diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2602fd8..18e9158 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,31 +1,28 @@ name: CodeQL on: push: - branches: - - 'develop' + branches: [ develop ] pull_request: - branches: - - 'develop' + branches: [ develop ] schedule: - cron: '0 9 * * 4' jobs: analyze: name: Analyze - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write strategy: fail-fast: false matrix: - language: - - go + language: [ 'go' ] steps: - - name: Code Checkout - uses: actions/checkout@v2 - - name: Checkout Head - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} + - uses: actions/checkout@v2 - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: languages: ${{ matrix.language }} - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + - uses: github/codeql-action/autobuild@v1 + - uses: github/codeql-action/analyze@v1