From 6c37f429454c76c68fb4395a22bccc82a8bf83ed Mon Sep 17 00:00:00 2001
From: Markus Neteler <neteler@mundialis.de>
Date: Tue, 26 Nov 2024 11:51:15 +0100
Subject: [PATCH] CI: fix syntax error in codeql.yml (#29)

* CI: fix syntax error in codeql.yml

Attempt to fix syntax error:

```
Check failure on line 46 in .github/workflows/codeql.yml
GitHub Actions / CodeQL

Invalid workflow file

The workflow is not valid. .github/workflows/codeql.yml (Line: 46, Col: 17): Unexpected value ''
```

See log: https://github.com/mundialis/github-workflows/actions/runs/9971374622/workflow

* fix language definition

* add dummy data for codeql

* update dummy c file

* rename dummy file

* simplify codeql workflow

* try autobuild mode

* no c

---------

Co-authored-by: Carmen <carmen.tawalika@gmail.com>
---
 .github/workflows/codeql.yml | 47 ++++++++++++++++++++++++++++++++++++
 dummy_data/dummy.h           |  5 ++++
 dummy_data/dummy.py          |  1 +
 3 files changed, 53 insertions(+)
 create mode 100644 .github/workflows/codeql.yml
 create mode 100644 dummy_data/dummy.h
 create mode 100644 dummy_data/dummy.py

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..69612c7
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,47 @@
+---
+name: CodeQL
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    # Check every Saturday at 12:36
+    - cron: 36 12 * * 6
+
+permissions: {}
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      packages: read
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language:
+          - python
+          # - c-cpp
+        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"
diff --git a/dummy_data/dummy.h b/dummy_data/dummy.h
new file mode 100644
index 0000000..22f5296
--- /dev/null
+++ b/dummy_data/dummy.h
@@ -0,0 +1,5 @@
+#include <stdio.h>
+int main() {
+   printf("Hello, World!");
+   exit(EXIT_SUCCESS);
+}
diff --git a/dummy_data/dummy.py b/dummy_data/dummy.py
new file mode 100644
index 0000000..13177ca
--- /dev/null
+++ b/dummy_data/dummy.py
@@ -0,0 +1 @@
+# empty python file for codeql workflow