name: CodeQL

# trigger the workflow on push or pull requests for some paths
on:
  push:
    paths:
    - 'src/**'
    - '.github/**'
    - 'Makefile'
  pull_request:
    paths:
    - 'src/**'
    - '.github/**'
    - 'Makefile'

jobs:
  CodeQL-Build:
    runs-on: ubuntu-20.04     # GitHub Runner
    container: ubuntu:20.04   # Docker Hub container

    steps:
    - name: Check out repository
      uses: actions/checkout@v3

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v2
      with:
        languages: cpp
        queries: +security-and-quality

    - name: Install dependencies
      run: |
        apt-get -y update
        apt-get -y --allow-unauthenticated --allow-downgrades --allow-remove-essential --allow-change-held-packages \
          install make gcc libevent-dev libmsgpack-dev

    - name: Autobuild
      uses: github/codeql-action/autobuild@v2

    - name: CodeQL Analysis
      uses: github/codeql-action/analyze@v2