Skip to content
AEGS: CodeQL Security Analysis

AEGS: CodeQL Security Analysis #142

Sign in to view logs

AEGS: CodeQL Security Analysis

AEGS: CodeQL Security Analysis #142

Workflow file for this run

.github/workflows/codeql.yml at 9497ecf
name: "AEGS: CodeQL Security Analysis"
on:
workflow_dispatch:
push:
branches:
- master
- main
pull_request:
branches: [master, main]
schedule:
- cron: "0 6 * * 1" # Run every Monday at 6am UTC
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
security-events: write
actions: read
env:
DOTNET_VERSION: "10.0.x"
DOTNET_CLI_TELEMETRY_OPTOUT: "1"
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: "1"
DOTNET_NOLOGO: "true"
SOLUTION_PATH: ./src/AzureEventGridSimulator.sln
jobs:
codeql:
name: "AEGS: CodeQL"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: csharp
queries: security-and-quality
config: |
query-filters:
- include:
problem.severity:
- error
- warning
- name: Build
run: dotnet build ${{ env.SOLUTION_PATH }} --configuration Release --framework net10.0
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:csharp"
dockerfile:
name: "AEGS: Hadolint"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.3.0
with:
dockerfile: docker/Dockerfile
failure-threshold: warning
format: sarif
output-file: hadolint-results.sarif
- name: Upload Hadolint results to GitHub Security
uses: github/codeql-action/upload-sarif@v4
if: always()
with:
sarif_file: hadolint-results.sarif
category: dockerfile
actions:
name: "AEGS: Actionlint"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Run actionlint
uses: raven-actions/actionlint@v2
with:
fail-on-error: true