build

Update github/codeql-action action to v2.22.2 #46

	name: build

	on: [pull_request]

	permissions:
	contents: read

	jobs:
	build:

	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
	- name: Set up Go
	uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
	id: setup-go
	with:
	go-version-file: "go.mod"
	- name: Build
	run: go build -v ./...
	- name: Checkout And Build
	run: docker compose up -d postgres
	- name: Test
	run: go test -v ./...
	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@69cbbc0cbbf6a2b0bab8dcf0e9f2d7ead08e87e4 # master
	with:
	image-ref: ''
	scan-type: 'fs'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@d90b8d79de6dc1f58e83a1499aa58d6c93dc28de # v2.22.2
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback