Skip to content

CodeQL IaC Scanning

CodeQL IaC Scanning #4

Workflow file for this run

name: CodeQL IaC Scanning
on:
pull_request:
workflow_call:
jobs:
analysis:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize and Analyze IaC
id: codeql_iac
uses: advanced-security/codeql-extractor-iac@main
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.codeql_iac.outputs.sarif }}