
Is it possible to create a custom CodeQL workflow for a branch other than the default branch, maybe dev?

Open Vijaygawate opened this issue 4 months ago • 1 comments

Hello,

I have a GitHub Advanced Security license for my GitHub org, and it's applied to all repos. By default CodeQL scans for the default, i.e., the main branch, but before actually merging code to main, it goes to dev, and I would like to configure a custom CodeQL workflow for my dev branch. I did disable the default CodeQL and committed a custom CodeQL workflow in dev for push and pull_request events. It succeeded, but I am not able to see any results in the code scanning section under advanced security?

How can I ensure that when something is pushed to the dev branch, CodeQL runs and logs results in the code scanning section? I am using the custom CodeQL workflow below:


```yaml
on:
  push:
    branches: [ dev ]
  pull_request:
    branches: [ dev ]

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: [ 'python' ] # Change to your language

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v3
```

Vijaygawate avatar Aug 07 '25 06:08 Vijaygawate

> It succeeded, but I am not able to see any results in the code scanning section under advanced security?

Just to double check: have you confirmed that the search filter on that page says branch:dev and not branch:dev?

hvitved avatar Aug 07 '25 09:08 hvitved
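One way to check which refs actually received CodeQL uploads, independent of the filter on the code scanning page. This is an added example, not code from the thread or from the codeql-action project. It assumes a response shaped like GitHub's REST endpoint `GET /repos/{owner}/{repo}/code-scanning/analyses`; the sample data and the helper names `summarize_by_ref` and `branch_status` are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like the analyses endpoint response (values are made up).
SAMPLE_ANALYSES = json.loads("""
[
  {"ref": "refs/heads/dev", "tool": {"name": "CodeQL"}, "category": "/language:python",
   "results_count": 3, "created_at": "2025-08-07T06:01:00Z", "error": ""},
  {"ref": "refs/pull/12/merge", "tool": {"name": "CodeQL"}, "category": "/language:python",
   "results_count": 1, "created_at": "2025-08-07T05:40:00Z", "error": ""},
  {"ref": "refs/heads/main", "tool": {"name": "CodeQL"}, "category": "/language:python",
   "results_count": 0, "created_at": "2025-08-01T10:00:00Z", "error": ""}
]
""")


def summarize_by_ref(analyses, tool="CodeQL"):
    """Group uploaded analyses by Git ref: count, total results, latest upload."""
    summary = defaultdict(lambda: {"analyses": 0, "results": 0, "latest": ""})
    for a in analyses:
        if a.get("tool", {}).get("name") != tool:
            continue  # ignore uploads from other scanners
        entry = summary[a["ref"]]
        entry["analyses"] += 1
        entry["results"] += a.get("results_count", 0)
        entry["latest"] = max(entry["latest"], a.get("created_at", ""))
    return dict(summary)


def branch_status(analyses, branch):
    """Say whether a push-triggered analysis exists for refs/heads/<branch>."""
    by_ref = summarize_by_ref(analyses)
    ref = f"refs/heads/{branch}"
    if ref not in by_ref:
        # Uploads from pull_request runs are recorded under a pull request ref instead.
        pr_refs = sorted(r for r in by_ref if r.startswith("refs/pull/"))
        return f"no analysis uploaded for {ref}; pull request refs seen: {pr_refs}"
    info = by_ref[ref]
    if info["results"] == 0:
        return f"{ref}: analysis uploaded, 0 results (nothing to list under branch:{branch})"
    return f"{ref}: {info['results']} result(s), filter the page with branch:{branch}"


if __name__ == "__main__":
    for name in ("dev", "main", "release"):
        print(branch_status(SAMPLE_ANALYSES, name))
```

To run it against a real repository, replace the sample with the JSON returned by `gh api "repos/OWNER/REPO/code-scanning/analyses"`, where OWNER and REPO are placeholders.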