From 30395c0f9fc8f06a8c82a9d19901b0381dfcc561 Mon Sep 17 00:00:00 2001
From: Rintaro Okamura <rintaro.okamura@gmail.com>
Date: Wed, 1 Jul 2020 11:36:48 +0900
Subject: [PATCH] :green_heart: add codeql config

Signed-off-by: Rintaro Okamura <rintaro.okamura@gmail.com>
---
 .github/codeql/codeql-config.yaml     | 10 ++++++++++
 .github/workflows/codeql-analysis.yml |  2 ++
 2 files changed, 12 insertions(+)
 create mode 100644 .github/codeql/codeql-config.yaml

diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml
new file mode 100644
index 00000000000..367ad0eeb44
--- /dev/null
+++ b/.github/codeql/codeql-config.yaml
@@ -0,0 +1,10 @@
+name: "Go CodeQL config"
+queries:
+  - uses: security-and-quality
+  - uses: github/codeql-go/ql/src@lgtm.com
+
+paths:
+  - '/cmd'
+  - '/hack'
+  - '/internal'
+  - '/pkg'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 50ac1af0df6..aaff1324b29 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -11,6 +11,7 @@ on:
        - 'v*.*.*-*'
   pull_request:
     paths:
+      - '.github/workflows/codeql-analysis.yml'
       - '**.go'
   schedule:
     - cron: '0 1 * * 2'
@@ -39,6 +40,7 @@ jobs:
         uses: github/codeql-action/init@v1
         with:
           languages: go
+          config-file: ./.github/codeql/codeql-config.yaml
       - name: Autobuild
         uses: github/codeql-action/autobuild@v1
       - name: Perform CodeQL Analysis