This keeps all the reusable github action workflows for vyos
This reusable workflow performs codeql analysis on the invoking repo using given inputs.
This performs below:
- Checkout the code.
- Initialize codeql. This uses the input languages. Initializes for each language given in input.
- Build the code. Either using autobuild or manual build as per input.
- Analyze with codeql.
Usage:
name: "Perform CodeQL Analysis"
on:
push:
branches: [ "current", "sagitta", "equuleus" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "current" ]
schedule:
- cron: '22 10 * * 0'
permissions:
actions: read
contents: read
security-events: write
jobs:
codeql-analysis-call:
uses: vyos/vyos-github-actions/.github/workflows/codeql-analysis.yml@main
secrets: inherit
with:
languages: "['python']"| Input | Description | Default | Required |
|---|---|---|---|
languages |
Languages for CodeQL check. Supported values are: 'cpp', 'csharp', 'go', 'java', 'javascript' | ['python'] | false |
codeql-cfg-path |
Path to a CodeQL config file | false | |
build-command |
Manual build command. The multiline syntax is supported | false |
Referenece: Codeql Action
Also see the GitHub reusable workflows documentation