open-telemetry · lalitb · May 21, 2021 · May 19, 2021 · May 19, 2021 · May 20, 2021
@@ -0,0 +1,29 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main]
+
+jobs:
+  CodeQL-Build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/[email protected]
+      with:
+         submodules: 'recursive'
+    - name: Setup
+      run: |
+        sudo ./ci/setup_cmake.sh
+        sudo ./ci/setup_ci_environment.sh
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+       languages: cpp
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
@@ -15,6 +15,7 @@ Increment the:
 
 ## [Unreleased]
 
+* [CI] Add CodeQL security scan CI workflow ([#770](https://github.com/open-telemetry/opentelemetry-cpp/pull/770))
 * [EXPORTER] Populate resource to OTLP proto data ([#758](https://github.com/open-telemetry/opentelemetry-cpp/pull/758))
 
 ## [0.6.0] 2021-05-11