Standardize security workflow and enhance CodeQL analysis (#473)
* fix(workflows): standardize runner configuration for security jobs * ci(actionlint): add Blacksmith runner label to config Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config to suppress "unknown label" warnings during workflow linting. This label is used across all workflows after the Blacksmith migration. * Merge branch 'main' into devsecops * fix(actionlint): adjust indentation for self-hosted runner labels * Merge branch 'main' into devsecops * feat(security): enhance security workflow with CodeQL analysis steps * Merge branch 'main' into devsecops * fix(security): update CodeQL action to version 4 for improved analysis * Merge branch 'main' into devsecops
This commit is contained in:
Will Sarg
GitHub
parent
8081d818dc
commit
6fb64d2022
1 changed files with 4 additions and 2 deletions
6
.github/workflows/security.yml
vendored
6
.github/workflows/security.yml
vendored
|
|
@ -16,6 +16,8 @@ permissions:
|
|||
contents: read
|
||||
security-events: write
|
||||
actions: read
|
||||
security-events: write
|
||||
actions: read
|
||||
|
||||
env:
|
||||
CARGO_TERM_COLOR: always
|
||||
|
|
@ -57,7 +59,7 @@ jobs:
|
|||
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
uses: github/codeql-action/init@v4
|
||||
with:
|
||||
languages: rust
|
||||
|
||||
|
|
@ -68,4 +70,4 @@ jobs:
|
|||
run: cargo build --workspace --all-targets
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
uses: github/codeql-action/analyze@v4
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue