name: "CodeQL Analysis"

on:
  workflow_dispatch:
  pull_request:
    types:
      - opened
      - reopened
      - synchronize
      - ready_for_review
  push:
    branches: [master]

jobs:
  analyze:
    if: ${{ !github.event.pull_request.draft }}

    name: Analyze
    runs-on: ubuntu-24.04-16-core-x64
    container: symless/synergy-core:ubuntu-24.04-amd64
    timeout-minutes: 20

    strategy:
      fail-fast: false
      matrix:
        language: ["cpp"]

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          submodules: "recursive"

      - name: Config Git safe dir
        run: git config --global --add safe.directory $GITHUB_WORKSPACE

      - name: Install dependencies
        run: ./scripts/install_deps.py --ci-env

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      - name: Autobuild
        uses: github/codeql-action/autobuild@v3

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3