From 1433773db472434b6b1a9bfdca9314b7f657f627 Mon Sep 17 00:00:00 2001
From: Steven Silvester
Date: Mon, 27 Jan 2025 09:41:00 -0600
Subject: [PATCH] PYTHON-5062 Add GitHub Actions CodeQL scanning (#321)
---
.github/workflows/codeql.yml | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 45dbb359..03f21f46 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -26,7 +26,7 @@ on: jobs: analyze: - name: Analyze + name: Analyze ${{ matrix.language }} runs-on: ubuntu-latest timeout-minutes: 360 permissions:
@@ -36,7 +36,12 @@ jobs: packages: read actions: read contents: read - + strategy: + fail-fast: false + matrix: + include: + - language: python + - language: actions steps: - name: Checkout repository uses: actions/checkout@v4
@@ -52,7 +57,7 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: - languages: python + languages: ${{ matrix.language }} build-mode: none # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: security-extended
@@ -62,10 +67,11 @@ jobs: - 'test/**' - shell: bash + if: matrix.language == 'python' run: | pip install -e . - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: - category: "/language:python" + category: "/language:${{matrix.language}}"
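Review bot: The `actions` entry added under `matrix.include` carries no comment saying what that leg analyses, and the init step in the following hunk keeps `build-mode: none` hard-coded for every leg. That suits the two languages listed here, but a language added to the matrix later would inherit a mode that may not fit it. Consider carrying the mode on each entry (`- language: actions` followed by `build-mode: none`) and reading it with `build-mode: ${{ matrix.build-mode }}`, plus a comment such as `# actions: scans the workflow files in this repository`. The `jobs.analyze` mapping starts and ends outside this hunk.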
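Review bot: In the last hunk the new `category` value is written `${{matrix.language}}` without inner spaces, while the other two expressions this commit adds use `${{ matrix.language }}`; `category: "/language:${{ matrix.language }}"` keeps them uniform. The step that gains `if: matrix.language == 'python'` is also unnamed, so when it is skipped on the `actions` leg the log identifies it only by its command; a `name: Install package (python leg only)` line would make that readable. `pip install -e .` runs the project's own build code inside the scanning job, so it is worth confirming that the Python analysis with `build-mode: none` still needs it. The steps list starts outside this hunk.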