Add codeql workflow #5743
Add codeql workflow #5743
Conversation
Kramer0x0
force-pushed
the
add_codeql_workflow
branch
from
3549dcd
to
b5eac60
Compare
There was a problem hiding this comment.
Thanks for the contribution @Kramer0x0 , just one small nit.
.github/workflows-doc.md
Outdated
| @@ -19,6 +19,7 @@ test-build-deploy.yml specifies a workflow that runs all Cortex continuous integ | |||
| | test | Runs units tests on Cassandra testing framework. | CI | | |||
| | integration-configs-db | Integration tests for database configurations. | CI | | |||
| | integration | Runs integration tests after upgrading golang, pulling necessary docker images and downloading necessary module dependencies. | CI | | |||
| | Security/CodeQL | CodeQL is a semantic code analysis engine used for automating security checks, enabling developers to write and run queries to identify vulnerabilities and improve code security | CI | |||
There was a problem hiding this comment.
Totally! Sorry about that :)
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Signed-off-by: Ryan West <rwest2@apple.com>
Signed-off-by: Ryan West <rwest2@apple.com>
Signed-off-by: Ryan West <rwest2@apple.com>
Signed-off-by: Ryan West <rwest2@apple.com>
Signed-off-by: Ryan West <rwest2@apple.com>
Kramer0x0
force-pushed
the
add_codeql_workflow
branch
from
69b77d0
to
26269c4
Compare
|
Thanks! |
|
Seems the CodeQL is breaking in master: https://github.com/cortexproject/cortex/actions/runs/7747719874/job/21162892320 |
What this PR does:
This pull request integrates CodeQL, an Open Source semantic code analysis tool, into the upstream repository's workflow. By incorporating CodeQL, it enhances the repository's security posture by automatically detecting vulnerabilities and coding errors during the development process. This addition will ensure continuous and automated code quality checks, significantly improving the overall security and maintainability of the codebase.
Which issue(s) this PR fixes:
Fixes #
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]