Update CodeQL workflow

Signed-off-by: Gabriela Georgieva <gabriela.georgieva@docker.com>
2023-10-25 12:22:08 +02:00 · 2023-10-25 12:22:08 +02:00 · 39b1d37b3d
parent 39e1de95ab
commit 39b1d37b3d
1 changed files with 23 additions and 1 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -1,6 +1,15 @@
 name: codeql

 on:
+  push:
+    branches: 
+      - 'master' 
+      - '[0-9]+.[0-9]+' 
+    tags: 
+      - 'v*' 
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "master" ]
  schedule:
    #        ┌───────────── minute (0 - 59)
    #        │ ┌───────────── hour (0 - 23)
@ -15,7 +24,13 @@ on:

 jobs:
  codeql:
-    runs-on: ubuntu-20.04
+    runs-on: 'ubuntu-latest'
+    timeout-minutes: 360
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    
    steps:
      -
        name: Checkout
@ -27,6 +42,11 @@ jobs:
        if: ${{ github.event_name == 'pull_request' }}
        run: |
          git checkout HEAD^2
+      - 
+        name: Update Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
      -
        name: Initialize CodeQL
        uses: github/codeql-action/init@v2
@ -38,3 +58,5 @@ jobs:
      -
        name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:go"