Updating workflow permissions #4

	name: Code Quality

	on: push

	permissions:
	contents: read # This is required for actions/checkout
	actions: read # Required by CodeQL
	security-events: write # Required by CodeQL

	jobs:
	code-scanning:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3

	- name: Set up JDK 11
	uses: actions/setup-java@v1
	with:
	java-version: 1.11

	- name: Cache SonarCloud packages
	uses: actions/cache@v1
	with:
	path: ~\sonar\cache
	key: ${{ runner.os }}-sonar
	restore-keys: ${{ runner.os }}-sonar

	- name: Install SonarCloud scanners
	shell: bash
	run: \|
	cd src
	dotnet tool install --global dotnet-sonarscanner

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: 'csharp'

	- name: Begin SonarScanner
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	run: \|
	cd src
	dotnet-sonarscanner begin /k:"frasermolyneux_portal-repository" /o:"frasermolyneux" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"

	- uses: frasermolyneux/actions/dotnet-web-ci@main
	with:
	dotnet-project: "repository-webapi"
	dotnet-version: 7.0.x
	src-folder: "src"
	majorMinorVersion: "1.1"

	- name: End SonarScanner
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	run: \|
	cd src
	dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2
	with:
	category: "/language:'csharp'"

Provide feedback