Try fix CodeQL

crtrott · Sep 19, 2024 · d8d935f · d8d935f
1 parent fb6a63f
commit d8d935f
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 10 deletions.
diff --git a/.github/workflows/continuous-integration-snifftest.yml b/.github/workflows/continuous-integration-snifftest.yml
@@ -41,8 +41,8 @@ jobs:
 
       - name: build_and_install_kokkos
         working-directory: kokkos/build
-        run: make -j4 install
+        run: make -j2 install
 
       - name: test_kokkos
         working-directory: kokkos/build
-        run: ctest --timeout 2000 -j2 --output-on-failure
+        run: ctest --timeout 2000 -j1 --output-on-failure
diff --git a/.github/workflows/continuous-integration-stager.yml b/.github/workflows/continuous-integration-stager.yml
@@ -20,14 +20,28 @@ jobs:
   clang-format-check:
     uses: ./.github/workflows/clang-format-check.yml
 
-#  codeql:
-#    permissions:
-#      # required for all workflows
-#      security-events: write
-#      # only required for workflows in private repositories
-#      actions: read
-#      contents: read
-#    uses: ./.github/workflows/codeql.yml
+  codeql:
+    # need to set manual permissions since it requires security-events write
+    # but then we have to set everything else manually to read since the
+    # default is overwritten
+    permissions:
+      # required for all workflows
+      security-events: write
+      # only required for workflows in private repositories
+      actions: read
+      attestations: read
+      checks: read
+      contents: read
+      deployments: read
+      discussions: read
+      issues: read
+      packages: read
+      pages: read
+      pull-requests: read
+      repository-projects: read
+      statuses: read
+      id-token: read
+    uses: ./.github/workflows/codeql.yml
 
   initial-check:
     uses: ./.github/workflows/continuous-integration-snifftest.yml