Create copilot-setup-steps.yml to install gh codeql

felickz · web-flow · commit 219ce10c2905 · 2025-09-08T12:00:13.000-04:00
diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml
@@ -0,0 +1,57 @@
+---
+name: "Copilot Setup Steps"
+
+# Automatically run the setup steps when they are changed to allow for
+# easy validation, and manual testing through the repository's Actions tab
+on:
+  workflow_dispatch: {}
+  push:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+  pull_request:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+
+jobs:
+  # The job MUST be called `copilot-setup-steps` or it will not be picked up
+  # by Copilot.
+  copilot-setup-steps:
+    runs-on: ubuntu-latest
+
+    # Set the permissions to the lowest permissions possible needed for your
+    # steps. Copilot will be given its own token for its operations.
+    permissions:
+      # If you want to clone the repository as part of your setup steps, for
+      # example to install dependencies, you'll need the `contents: read`
+      # permission. If you don't clone the repository in your setup steps,
+      # Copilot will do this for you automatically after the steps complete.
+      contents: read
+
+    # You can define any steps you want, and they will run before the agent
+    # starts. If you do not check out your code, Copilot will do this for you.
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Install GitHub CLI CodeQL extension
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          # Install GitHub CLI (should already be available in ubuntu-latest)
+          gh --version
+
+          # Install CodeQL CLI extension
+          gh extension install github/gh-codeql
+
+          # Set CodeQL to latest version
+          gh codeql set-version latest
+
+          # Verify the extension is installed and working
+          gh codeql version
+
+          # Install packs
+          (cd ./ql/src/ && gh codeql pack install)
+          (cd ./ql/lib/ && gh codeql pack install)
+          (cd ./ql/test/ && gh codeql pack install)
