From 8aa87cad4f979d0e1f13cdc1d4b6ec0421c8546a Mon Sep 17 00:00:00 2001
From: Georg Jung <git@gjung.com>
Date: Wed, 10 May 2023 10:55:40 +0200
Subject: [PATCH] Use CodeQL in actions build

---
 .github/workflows/dotnet-build.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/dotnet-build.yml b/.github/workflows/dotnet-build.yml
index 0c72d4e..83d6189 100644
--- a/.github/workflows/dotnet-build.yml
+++ b/.github/workflows/dotnet-build.yml
@@ -8,6 +8,8 @@ on:
         type: string
   workflow_dispatch:
   push:
+  schedule: # for CodeQL
+    - cron: '30 4 1 * *' # on every month's first day at 4:30 UTC
 
 env:
   DOTNET_NOLOGO: true
@@ -18,6 +20,8 @@ jobs:
   build:
     runs-on: ubuntu-22.04
     permissions:
+      security-events: write # for CodeQL
+      actions: read          # for CodeQL
       contents: read
     steps:
     - uses: actions/checkout@v3
@@ -26,6 +30,10 @@ jobs:
         lfs: true
     - uses: dotnet/nbgv@v0.4
       id: nbgv
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: csharp
     - run: dotnet restore
     - run: dotnet build -c Release --no-restore
     - run: dotnet pack -c Release --no-restore
@@ -33,3 +41,5 @@ jobs:
       with:
         name: nupkg
         path: bin/Packages/Release/**/*
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2