Skip to content

Add CodeQL code scanning workflow (Python, JavaScript/TypeScript, C#, Go) #5

Add CodeQL code scanning workflow (Python, JavaScript/TypeScript, C#, Go)

Add CodeQL code scanning workflow (Python, JavaScript/TypeScript, C#, Go) #5

Workflow file for this run

name: Analyze Samples
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
schedule:
- cron: '30 4 * * 2'
workflow_dispatch:
jobs:
analyze-python:
name: Analyze Python Samples
if: github.repository == 'AzureCosmosDB/samples'
runs-on: ubuntu-latest
permissions:
security-events: write
packages: read
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: python
build-mode: none
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:python"
analyze-javascript:
name: Analyze JavaScript/TypeScript Samples
if: github.repository == 'AzureCosmosDB/samples'
runs-on: ubuntu-latest
permissions:
security-events: write
packages: read
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: javascript-typescript
build-mode: none
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:javascript-typescript"
analyze-dotnet:
name: Analyze .NET Samples
if: github.repository == 'AzureCosmosDB/samples'
runs-on: ubuntu-latest
permissions:
security-events: write
packages: read
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: csharp
build-mode: none
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:csharp"
analyze-go:
name: Analyze Go Samples
if: github.repository == 'AzureCosmosDB/samples'
runs-on: ubuntu-latest
permissions:
security-events: write
packages: read
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: go
build-mode: autobuild
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:go"