Skip to content

Commit 2ea32d0

Browse files
gvanrossum-msgvanrossum-ms
authored
Another attempt at fixing CodeQL -- this time using a container (#18)
1 parent 9d01ad5 commit 2ea32d0

File tree

1 file changed

+9
-12
lines changed

1 file changed

+9
-12
lines changed

.github/workflows/codeql.yml

Lines changed: 9 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,12 @@ jobs:
2727
# - https://gh.io/supported-runners-and-hardware-resources
2828
# - https://gh.io/using-larger-runners (GitHub.com only)
2929
# Consider using larger runners or machines with greater resources for possible analysis time improvements.
30-
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
30+
31+
runs-on: 'ubuntu-latest'
32+
33+
container:
34+
image: mcr.microsoft.com/devcontainers/python:1-3.12-bullseye
35+
3136
permissions:
3237
# required for all workflows
3338
security-events: write
@@ -53,6 +58,7 @@ jobs:
5358
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
5459
# If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
5560
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
61+
5662
steps:
5763
- name: Checkout repository
5864
uses: actions/checkout@v4
@@ -63,16 +69,6 @@ jobs:
6369
# - name: Setup runtime (example)
6470
# uses: actions/setup-example@v1
6571

66-
# Force Python 3.12 for this job (uv will pick this up)
67-
- name: Set up Python 3.12
68-
uses: actions/setup-python@v5
69-
with:
70-
python-version: '3.12'
71-
72-
- run: |
73-
python3 --version
74-
which python3
75-
7672
# Initializes the CodeQL tools for scanning.
7773
- name: Initialize CodeQL
7874
uses: github/codeql-action/init@v4
@@ -92,7 +88,8 @@ jobs:
9288
# to build your code.
9389
# ℹ️ Command-line programs to run using the OS shell.
9490
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
95-
- if: matrix.build-mode == 'manual'
91+
- name: Manual build check
92+
if: matrix.build-mode == 'manual'
9693
shell: bash
9794
run: |
9895
echo 'If you are using a "manual" build mode for one or more of the' \

0 commit comments

Comments
 (0)