Add CodeQL workflow

rvermeulen · rvermeulen · commit 4c60ea54370b · 2022-06-27T16:01:37.000+02:00
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -0,0 +1,31 @@
+name: "CodeQL"
+on:
+  workflow_dispatch:
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: "Analyze"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Download custom bundle
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh release download --pattern 'codeql-bundle.tar.gz'
+
+      - name: CodeQL Initialize
+        uses: github/codeql-action/init@v1
+        with:
+          tools: codeql-bundle.tar.gz
+
+      - name: CodeQL Analyze
+        uses: github/codeql-action/analyze@v1
