Closed daenney closed 2 years ago
nice, this is super cool didn't know about it :)
Now, how to test this... :smile:
So it's up on https://github.com/pion/ci-sandbox/actions/workflows/codeql.yml now, but apparently I can't trigger this by hand. I guess we wait until Sunday?
Ah, apparently I need an `on: workflow_dispatch`
Alright, so it's visible here now: https://github.com/pion/ci-sandbox/security/code-scanning. The CI job works as expected, but obviously for that repo it doesn't find any issues. I think we're good to tag this now. WDYT @Sean-Der?
You can see the workflow with a manual trigger here: https://github.com/pion/ci-sandbox/actions/workflows/codeql-analysis.yml
An automatic/scheduled run has happened too now: https://github.com/pion/ci-sandbox/actions/runs/2252392230.
Things seem to be working as expected, so I'll go ahead and tag a release.
This launches a CodeQL scan once a week, on Sunday at 05:23 UTC for the latest commit on the default branch. The results of the scan will be available on the repository's Security tab in the Code Scanning alerts. This is only visible to folks that are org or repo admins (not just push, admin), or members of a team in the Pion org with the security manager role.
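To make the description above concrete, here is a workflow that matches it: a weekly CodeQL scan at 05:23 UTC on Sundays (scheduled runs always use the latest commit on the default branch) plus a manual `workflow_dispatch` trigger so it can be kicked off by hand as was needed in this thread. This is an added illustration written for this note, not the file merged in the PR; the file path, the `go` language selection and the `v2` action tags are assumptions, and `security-events: write` is the permission the `analyze` step needs in order to upload results to the Code Scanning alerts page.

```yaml
# .github/workflows/codeql-analysis.yml  (illustrative path, not necessarily the PR's)
name: CodeQL

on:
  schedule:
    # minute hour day-of-month month day-of-week: Sundays at 05:23 UTC,
    # run against the default branch's latest commit.
    - cron: '23 5 * * 0'
  # Manual trigger so the scan can be started from the Actions tab.
  workflow_dispatch:

# Least privilege: read the code, write only to the code-scanning alerts.
permissions:
  contents: read
  security-events: write

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # Assumed: the Pion repositories are Go projects.
        language: [ 'go' ]

    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      # Creates the CodeQL database for the selected language(s).
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}

      # Builds the project so CodeQL can trace compilation (needed for Go).
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2

      # Runs the queries and uploads SARIF results to the Security tab.
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
```

Results land under Security, then Code scanning alerts, which is why the visibility caveat above matters: a finding is only seen by people with the admin or security manager role, so someone with that role needs to be watching the tab or subscribed to alert notifications for the weekly scan to be useful.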