name: "CodeQL" on: pull_request: # The branches below must be a subset of the branches above branches: [ master ] schedule: - cron: '30 5,17 * * *' permissions: contents: read jobs: analyze: permissions: security-events: write # for github/codeql-action/autobuild to send a status report name: Analyze if: github.repository_owner == 'mattermost' runs-on: ubuntu-latest strategy: fail-fast: false matrix: language: [ 'go', 'javascript' ] steps: - name: Checkout repository uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} debug: false config-file: ./.github/codeql/codeql-config.yml - name: Build JavaScript uses: github/codeql-action/autobuild@v2 if: ${{ matrix.language == 'javascript' }} - name: Setup go uses: actions/setup-go@v2 with: go-version: '1.21' if: ${{ matrix.language == 'go' }} - name: Build Golang run: | cd server make setup-go-work make build-linux-amd64 if: ${{ matrix.language == 'go' }} # Perform Analysis - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2