From 3829f04f95e1b8687e04c2525d8b26938848598e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juraci=20Paix=C3=A3o=20Kr=C3=B6hling?= <juraci@kroehling.de>
Date: Thu, 29 Oct 2020 14:30:54 +0100
Subject: [PATCH] Add CodeQL check (#18)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>
---
 .github/mergify.yml       |  6 ++++--
 .github/workflows/go.yaml | 32 ++++++++++++++++++++++++++++----
 2 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/.github/mergify.yml b/.github/mergify.yml
index ac990ee..8126dea 100644
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@@ -9,8 +9,10 @@ pull_request_rules:
     conditions:
       - "#approved-reviews-by>=1"
       - "-draft"
-      - "status-success=Build"
-      - "status-success=Integration test"
+      - "status-success=build"
+      - "status-success=lint"
+      - "status-success=security"
+      - "status-success=integration-test"
     actions:
       merge:
         method: squash
diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml
index 9801df8..9670070 100644
--- a/.github/workflows/go.yaml
+++ b/.github/workflows/go.yaml
@@ -1,4 +1,4 @@
-name: Go
+name: "Continuous Integration"
 
 on:
   push:
@@ -7,9 +7,9 @@ on:
     branches: [ master ]
 
 jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
+  unit-tests:
+    name: Unit tests
+    runs-on: ubuntu-20.04
     steps:
 
     - name: Set up Go 1.14
@@ -24,6 +24,13 @@ jobs:
     - name: Test
       run: go test -v ./...
 
+  lint:
+    name: Code standards (linting)
+    runs-on: ubuntu-20.04
+    steps:
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
     - name: Lint
       uses: golangci/golangci-lint-action@v2
       with:
@@ -31,3 +38,20 @@ jobs:
         args: --enable=gosec,maligned,misspell
         only-new-issues: true
 
+  security:
+    name: Security
+    runs-on: ubuntu-20.04
+    steps:
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: go
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1