https://github.com/skills/configure-codeql-language-matrix

Learn how to simplify your code scanning workflows with CodeQL language matrices
https://github.com/skills/configure-codeql-language-matrix

codeql github-advanced-security skills-course

Last synced: about 9 hours ago
JSON representation

Learn how to simplify your code scanning workflows with CodeQL language matrices

• Host: GitHub
• URL: https://github.com/skills/configure-codeql-language-matrix
• Owner: skills
• License: mit
• Created: 2024-06-19T14:49:30.000Z (10 months ago)
• Default Branch: main
• Last Pushed: 2024-09-05T01:22:41.000Z (8 months ago)
• Last Synced: 2025-04-19T00:11:39.306Z (4 days ago)
• Topics: codeql, github-advanced-security, skills-course
• Homepage:
• Size: 12.7 KB
• Stars: 8
• Watchers: 1
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        


# Configuring a CodeQL language matrix

_Configure your CodeQL workflows with a language matrix to simplify your code scanning workflows_

## Welcome

In this course we will explore how you can configure CodeQL using configuration files. During this course, we will show you how to add a query pack to a CodeQL configuration file, as well as configure your workflow to reference that configuration file.

- **Who is this for**: Developers, security engineers, open source maintainers.

- **What you'll learn**: We'll show you how to configure your workflow to use a language matrix. We will also cover the autobuild action for compiled languages. This will allow you to have a single code scanning workflow that covers all the languages in your repository.

- **What you'll build**: A secure software development pipeline that has been tuned to your project's specific needs.

- **Prerequisites**: Knowledge of how the context and expressions work in workflows. You can learn more about this in the [GitHub Actions documentation](https://docs.github.com/en/actions).

- **How long**: This course is 2 steps long and takes less than 30 minutes to complete.

## How to start this course

[![start-course](https://user-images.githubusercontent.com/1221423/235727646-4a590299-ffe5-480d-8cd5-8194ea184546.svg)](https://github.com/new?template_owner=skills&template_name=configure-codeql-language-matrix&owner=%40me&name=skills-configure-codeql-language-matrix&description=GitHub+Skills:+Configure+Codeql+Language+Matrix&visibility=public)

1. Right-click **Start course** and open the link in a new tab.

2. In the new tab, most of the prompts will automatically fill in for you.

    - For owner, choose your personal account or an organization to host the repository.

    - We recommend creating a public repository, as private repositories will [use Actions minutes](https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions).

    - Scroll down and click the **Create repository** button at the bottom of the form.

3. After your new repository is created, wait about 20 seconds, then refresh the page. Follow the step-by-step instructions in the new repository's README.

---

Get help: [Post in our discussion board](https://github.com/orgs/skills/discussions/categories/configuring-codeql) • [Review the GitHub status page](https://www.githubstatus.com/)

© 2024 GitHub • [Code of Conduct](https://www.contributor-covenant.org/version/2/1/code_of_conduct/code_of_conduct.md) • [MIT License](https://gh.io/mit)