admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2e608f0c91f8cdd31d5c5ea6cae2bd95c0664811
goodgo-platform/.github/workflows/codeql.yml
Ho Ngoc Hai 4d91c04b88 docs: add comprehensive K6 load testing guide with API structure 
- Document all API endpoints (auth, listings, payments, search)
- Include DTOs and request/response body shapes
- Document authentication methods and rate limits
- Provide database and environment configuration
- Include existing test setup (Playwright, Vitest)
- Detail CI/CD pipeline structure
- Recommend K6 endpoints and test patterns
- Provide file location references for quick lookup

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 01:34:15 +07:00

62 lines
1.4 KiB
YAML
Raw Blame History

name: CodeQL Analysis
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
# Run weekly on Monday at 06:17 UTC — off-peak to avoid :00/:30 congestion
- cron: "17 6 * * 1"
concurrency:
group: codeql-${{ github.ref }}
cancel-in-progress: true
permissions:
actions: read
contents: read
security-events: write
jobs:
analyze:
name: CodeQL (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
language: [javascript-typescript]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# Use extended security queries for deeper analysis
queries: security-extended,security-and-quality
config: |
paths:
- apps/
- libs/
paths-ignore:
- node_modules/
- "**/dist/"
- "**/*.spec.ts"
- "**/*.test.ts"
- "**/__tests__/"
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{ matrix.language }}"
# SARIF results are automatically uploaded to GitHub Security tab
upload: always
Reference in New Issue View Git Blame Copy Permalink