# GitHub Actions CodeQL Workflow

name: CodeQL

on:
  pull_request:
    branches: [ main ]

  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v1
        with:
          languages: python, cpp

      - name: Update submodules
        run: git submodule update --init --recursive

      - name: Install Torch
        run: |
              python -m pip install cmake ninja
              python -m pip install --pre torch -f https://download.pytorch.org/whl/nightly/cpu/torch_nightly.html

      - name: Build TorchAudio
        run: BUILD_SOX=1 USE_CUDA=0 python setup.py develop --user

      # If any code scanning alerts are found, they will be under Security -> CodeQL
      # Link: https://github.com/pytorch/audio/security/code-scanning
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v1