From 3dc1441d7fd944c9d153a40eb5beb6e10d6ee976 Mon Sep 17 00:00:00 2001 From: aparna-ravindra Date: Thu, 9 Jun 2022 12:18:40 +0530 Subject: [PATCH 1/2] adding codeowners --- .github/CODEOWNERS | 1 + .github/workflows/code-ql.yml | 33 +++++++++++++++++++++++++++++++++ .github/workflows/lint.yml | 21 +++++++++++++++++++++ 3 files changed, 55 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/workflows/code-ql.yml create mode 100644 .github/workflows/lint.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..5704144 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @actions/actions-cache \ No newline at end of file diff --git a/.github/workflows/code-ql.yml b/.github/workflows/code-ql.yml new file mode 100644 index 0000000..cbf0f85 --- /dev/null +++ b/.github/workflows/code-ql.yml @@ -0,0 +1,33 @@ +name: Code Scanning + +on: + push: + branches: [main] + pull_request: + branches: [main] + paths-ignore: + - '**/*.md' + schedule: + - cron: "0 0 * * 0" + +permissions: + actions: read # for github/codeql-action/init to get workflow details + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/analyze to upload SARIF results + +jobs: + CodeQL-Build: + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: go + queries: security-and-quality + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 \ No newline at end of file diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..6206cf5 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,21 @@ +name: golangci-lint +on: + push: + branches: + - main + pull_request: +permissions: + contents: read + # Optional: allow read access to pull request. Use with `only-new-issues` option. + # pull-requests: read +jobs: + golangci: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/setup-go@v3 + with: + go-version: 1.16 + - uses: actions/checkout@v3 + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 \ No newline at end of file From 6071d747ca1e9ba8e45bd9d8ddb00fccd993c4e5 Mon Sep 17 00:00:00 2001 From: aparna-ravindra Date: Thu, 9 Jun 2022 12:41:03 +0530 Subject: [PATCH 2/2] running codeql on all pr --- .github/workflows/code-ql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/code-ql.yml b/.github/workflows/code-ql.yml index cbf0f85..7aaba00 100644 --- a/.github/workflows/code-ql.yml +++ b/.github/workflows/code-ql.yml @@ -4,7 +4,6 @@ on: push: branches: [main] pull_request: - branches: [main] paths-ignore: - '**/*.md' schedule: