Create workflow-scan.yml

rcowsill · Jan 6, 2024 · f9982ed · f9982ed
1 parent 7c14c3f
commit f9982ed
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/.github/workflows/workflow-scan.yml b/.github/workflows/workflow-scan.yml
@@ -0,0 +1,24 @@
+name: "Workflow CodeQL Scan"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  # Required for all workflows
+  security-events: write
+
+jobs:
+  workflow-scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
+      - name: Perform CodeQL Analysis
+        uses: rcowsill/workflow-scan-action@v1