From: Tom Hromatka <tom.hromatka@oracle.com>
Date: Wed, 19 Jan 2022 17:46:50 +0000 (-0700)
Subject: github: Add a code security scan
X-Git-Tag: v2.0.1~4^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=daae783e93a473823b055d1d76b7d5634b85bbf7;p=thirdparty%2Flibcgroup.git

github: Add a code security scan

Add a code security scan, CodeQL to the Github Actions
continuous integration.

Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
(cherry picked from commit 41a8fd8e68f77dc99b5bb086bf9d138a2ea02d46)
---

diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
index 9a7258ba..50ff3fcc 100644
--- a/.github/workflows/continuous-integration.yml
+++ b/.github/workflows/continuous-integration.yml
@@ -23,6 +23,22 @@ name: Continuous Integration
 on: ["push", "pull_request"]
 
 jobs:
+  codeql:
+    name: CodeQL
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        submodules: false
+    - uses: github/codeql-action/init@v1
+      with:
+        languages: cpp, python
+    - name: Initialize the directory
+      uses: ./.github/actions/setup-libcgroup
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
+
   unittests:
     name: Unit Tests
     runs-on: ubuntu-latest