From 922db51cb4cd3c9923db57abdf5fa0187b0f6cbe Mon Sep 17 00:00:00 2001
From: Ankit Charolia
Date: Thu, 20 Jul 2023 10:36:59 +0200
Subject: [PATCH] chore: add CodeQL Analysis job
---
 .../{build-publish.yml => build-publish.yaml} | 0
 .github/workflows/codeql-analysis.yaml | 52 +++++++++++++++++++
 .goreleaser.yaml | 1 +
 3 files changed, 53 insertions(+)
 rename .github/workflows/{build-publish.yml => build-publish.yaml} (100%)
 create mode 100644 .github/workflows/codeql-analysis.yaml
diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yaml
similarity index 100%
rename from .github/workflows/build-publish.yml
rename to .github/workflows/build-publish.yaml
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
new file mode 100644
index 0000000..be44880
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yaml
@@ -0,0 +1,52 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+ schedule:
+ - cron: '22 10 * * 0'
+
+permissions:
+ contents: read
+
+jobs:
+ codeQL-Build:
+ permissions:
+ actions: read # for github/codeql-action/init to get workflow details
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/autobuild to send a status report
+ name: Analyze
+ runs-on: ubuntu-latest
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'go' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ # ℹī¸ Command-line programs to run using the OS shell.
+ # 📚 https://git.io/JvXDl
+
+ # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines
+ # and modify them (or add more) to build your code if your project
+ # uses a compiled language
+
+ #- run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
\ No newline at end of file
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index cde2206..2b6a096 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -12,6 +12,7 @@ builds:
 - CGO_ENABLED=1
 goos:
 - linux
+ - darwin
 goarch:
 - amd64
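Review bot: The four `uses:` steps in the new codeql-analysis.yaml reference mutable tags (`actions/checkout@v3`, `github/codeql-action/init@v2`, `github/codeql-action/autobuild@v2`, `github/codeql-action/analyze@v2`), so whatever those tags point to at run time executes in a job that holds `security-events: write`. Pinning each step to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, makes the executed code reviewable and lets an automated updater propose bumps. The token scoping itself (top-level `contents: read`, per-job grants) is already minimal; the comment on `security-events: write` could also say that the `analyze` step needs it to upload results. The file also ends without a trailing newline.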