diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4127c0c65a..45235d29c6 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -16,6 +16,9 @@ on: jobs: codeql: runs-on: ubuntu-20.04 + env: + DISABLE_WARN_OUTSIDE_CONTAINER: '1' + steps: - name: Checkout @@ -32,6 +35,16 @@ jobs: uses: github/codeql-action/init@v2 with: languages: go + # CodeQL 2.16.4's auto-build added support for multi-module repositories, + # and is trying to be smart by searching for modules in every directory, + # including vendor directories. If no module is found, it's creating one + # which is ... not what we want, so let's give it a "go.mod". + # see: https://github.com/docker/cli/pull/4944#issuecomment-2002034698 + - + name: Create go.mod + run: | + ln -s vendor.mod go.mod + ln -s vendor.sum go.sum - name: Autobuild uses: github/codeql-action/autobuild@v2