Description
Issue party content strategy plan
Feedback on Downloading the CodeQL runner:
We say "You can download the CodeQL runner from ." Then we suggest how to change permissions before we run it. It would be great before we do that to provide a little wget script pointing to the latest release options so I can copy and paste it into my pipeline.
wget https://github.com/github/codeql-action/releases/download/codeql-bundle-20200826/codeql-runner-linux
chmod +x codeql-runner-linux
Content plan
This requires changes to the Running code scanning in your CI system topic.
Audience
Anyone who's integrating code scanning into their CI/CD system where the system has access to GitHub.com, especially people who spin up a fresh VM for each run.
Content to update
Suggest splitting the current first paragraph in Adding the CodeQL runner to your CI system after the first sentence.
Then revise the first sentence to explain that each CI server that you intend to use for code scanning needs to have the CodeQL runner. You might configure each server to copy the runner from a central, internal location, or you could use the REST API to get the runner direct from GitHub, for example, the wget script above.
Questions
None outstanding.
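
For the download step discussed above, an added example (not part of the original issue or of GitHub's documentation): a pipeline step that fetches the pinned runner release from the URL in the feedback and sets the execute bit only after the file's SHA-256 matches a digest you recorded yourself. The digest is a placeholder, and the function names and the --fetch switch are hypothetical.

```shell
#!/bin/sh
# Added example: download a pinned CodeQL runner release and verify it
# before marking it executable. Function names are hypothetical.

# URL taken from the issue text above.
RUNNER_URL="https://github.com/github/codeql-action/releases/download/codeql-bundle-20200826/codeql-runner-linux"
# Placeholder: the digest you recorded when you vetted this release.
EXPECTED_SHA256="REPLACE_WITH_RECORDED_SHA256"

# sha256_of FILE: print the lowercase hex SHA-256 digest of FILE.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_and_enable FILE EXPECTED
# Returns 0 and sets the execute bit only when the digest matches.
# Returns 1 and deletes FILE on mismatch, 2 if FILE does not exist.
verify_and_enable() {
  vf_file=$1
  vf_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -f "$vf_file" ] || { echo "missing: $vf_file" >&2; return 2; }
  vf_actual=$(sha256_of "$vf_file")
  if [ "$vf_actual" != "$vf_expected" ]; then
    echo "SHA-256 mismatch for $vf_file (got $vf_actual)" >&2
    rm -f -- "$vf_file"   # do not leave an unverified binary on the build host
    return 1
  fi
  chmod +x -- "$vf_file"
}

# fetch_runner: the pipeline step. Downloads, then verifies.
fetch_runner() {
  wget -q -O codeql-runner-linux "$RUNNER_URL" || return 3
  verify_and_enable codeql-runner-linux "$EXPECTED_SHA256"
}

# Only touch the network when asked to, e.g. `sh get-runner.sh --fetch`.
if [ "${1:-}" = "--fetch" ]; then
  fetch_runner
fi
```

Pinning the release tag in the URL together with the digest means a fresh VM fails the build instead of running a binary that differs from the one you vetted.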