ci: sparse checkout CodeQL actions shard (#87775)

2026-06-01 12:16:46 +00:00 · 2026-05-28 14:36:31 -07:00
parent b05aefa3cf
commit 563ad77d13
1 changed files with 11 additions and 0 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -85,10 +85,21 @@ jobs:
            config_file: ./.github/codeql/codeql-actions-critical-security.yml
    steps:
      - name: Checkout
+        if: ${{ matrix.category != 'actions' }}
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          submodules: false

+      - name: Checkout Actions security sources
+        if: ${{ matrix.category == 'actions' }}
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        with:
+          submodules: false
+          sparse-checkout: |
+            .github/actions
+            .github/workflows
+            .github/codeql
+
      - name: Initialize CodeQL
        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4
        with: