mirror of
https://github.com/GeWuYou/GFramework.git
synced 2026-05-07 08:44:29 +08:00
340b6cae90
- 移除push触发器,仅保留pull request触发CI构建测试 - 添加CodeQL静态代码分析工作流,支持安全漏洞检测 - 配置每日凌晨2点定时执行CodeQL分析 - 设置.NET 8.0.x运行时环境支持 - 启用C#语言自动构建模式进行代码扫描
51 lines
1.3 KiB
YAML
51 lines
1.3 KiB
YAML
# GitHub Actions工作流配置:CodeQL静态代码分析
|
||
# 该工作流用于对C#项目进行安全漏洞和代码质量分析
|
||
name: "CodeQL"
|
||
|
||
# 触发事件配置
|
||
# 在以下情况下触发工作流:
|
||
# 1. 针对任意分支的拉取请求时
|
||
# 2. 每天凌晨2点执行一次
|
||
on:
|
||
pull_request:
|
||
branches: [ '**' ]
|
||
schedule:
|
||
- cron: '0 2 * * *'
|
||
|
||
jobs:
|
||
# 分析任务配置
|
||
# 对C#代码进行静态分析扫描
|
||
analyze:
|
||
name: Analyze (C#)
|
||
runs-on: ubuntu-latest
|
||
permissions:
|
||
security-events: write
|
||
contents: read
|
||
|
||
steps:
|
||
- name: Checkout repository
|
||
uses: actions/checkout@v6
|
||
with:
|
||
fetch-depth: 0
|
||
|
||
# 设置.NET运行时环境
|
||
# 配置.NET 8.0.x版本支持
|
||
- name: Setup .NET
|
||
uses: actions/setup-dotnet@v5
|
||
with:
|
||
dotnet-version: |
|
||
8.0.x
|
||
|
||
# 初始化CodeQL分析环境
|
||
# 配置C#语言支持并启用自动构建模式
|
||
- name: Initialize CodeQL
|
||
uses: github/codeql-action/init@v4
|
||
with:
|
||
languages: csharp
|
||
build-mode: autobuild
|
||
|
||
# 执行CodeQL代码分析
|
||
# 运行静态分析并生成结果报告
|
||
- name: Perform CodeQL Analysis
|
||
uses: github/codeql-action/analyze@v4
|