From 73f5063a08d603aead907d49b7dc93619ecd7f9d Mon Sep 17 00:00:00 2001
From: 777genius
Date: Tue, 2 Jun 2026 13:51:30 +0300
Subject: [PATCH] fix(ci): add explicit codeql workflow
---
.github/codeql/codeql-config.yml | 15 +++++++
.github/workflows/codeql.yml | 67 ++++++++++++++++++++++++++++++++
2 files changed, 82 insertions(+)
create mode 100644 .github/codeql/codeql-config.yml
create mode 100644 .github/workflows/codeql.yml
diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 00000000..9d078a8f
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,15 @@
+name: agent-teams-codeql
+
+paths:
+ - src
+ - packages
+ - agent-teams-controller
+ - mcp-server
+ - scripts
+ - .github/workflows
+
+paths-ignore:
+ - '**/node_modules/**'
+ - 'test/**'
+ - 'landing/**'
+ - 'build/**'
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000..f9242127
--- /dev/null
+++ b/.github/workflows/codeql.yml
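Review bot: The `paths:` allow-list in `.github/codeql/codeql-config.yml` limits analysis to the six listed directories, so a source directory added at the repository root later is left out of scanning without any warning. Keeping only `paths-ignore:` avoids that gap. If the allow-list is intentional, a comment above it such as `# Allow-list: add new top-level source directories here and in .github/workflows/codeql.yml` would record that the same list is repeated in the workflow's trigger filters added by this commit.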
@@ -0,0 +1,67 @@
+name: CodeQL
+
+on:
+ push:
+ branches: [main, dev]
+ paths:
+ - 'src/**'
+ - 'packages/**'
+ - 'agent-teams-controller/**'
+ - 'mcp-server/**'
+ - 'scripts/**'
+ - '.github/workflows/**'
+ - '.github/codeql/**'
+ - 'package.json'
+ - 'pnpm-lock.yaml'
+ - 'pnpm-workspace.yaml'
+ - 'tsconfig*.json'
+ pull_request:
+ paths:
+ - 'src/**'
+ - 'packages/**'
+ - 'agent-teams-controller/**'
+ - 'mcp-server/**'
+ - 'scripts/**'
+ - '.github/workflows/**'
+ - '.github/codeql/**'
+ - 'package.json'
+ - 'pnpm-lock.yaml'
+ - 'pnpm-workspace.yaml'
+ - 'tsconfig*.json'
+ schedule:
+ - cron: '34 3 * * 1'
+
+permissions:
+ contents: read
+
+jobs:
+ analyze:
+ name: Analyze (${{ matrix.language }})
+ runs-on: ubuntu-latest
+ timeout-minutes: 45
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language:
+ - actions
+ - javascript-typescript
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v6
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ languages: ${{ matrix.language }}
+ config-file: ./.github/codeql/codeql-config.yml
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
+ with:
+ category: /language:${{ matrix.language }}
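Review bot: The three `uses:` references in `steps:` (`actions/checkout@v6`, `github/codeql-action/init@v4`, `github/codeql-action/analyze@v4`) are mutable tags, so the code that runs with `security-events: write` can change without any commit to this repository. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/checkout@<full-commit-sha> # v6`, makes every update show up in review. The checkout step can also set `persist-credentials: false` under `with:`, since no later step visible here needs the token left in the working tree. Separately, the `paths:` filter on `pull_request` means a pull request touching none of the listed paths never reports these checks; if they are later marked required in branch protection such pull requests would stay pending, so a comment above the filter noting that would help.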