merge from upstream main #25
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | name: "CodeQL Analysis" | |
| on: | |
| push: | |
| branches: [main] | |
| paths-ignore: | |
| - "**/README.md" | |
| permissions: read-all | |
| jobs: | |
| CodeQL-Build: | |
| runs-on: macos-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| env: | |
| # Force CodeQL to run the extraction on the files compiled by our custom | |
| # build command, as opposed to letting the autobuilder figure it out. | |
| # See: https://github.com/github/codeql-action/issues/1101#issuecomment-1157729589 | |
| CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 | |
| with: | |
| go-version: 1.23.10 | |
| cache: false | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3 | |
| with: | |
| languages: go | |
| - name: Build Artifact | |
| run: | | |
| make genotelcontribcol | |
| make otelcontribcol | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3 | |
| timeout-minutes: 60 |