From 391a5d5c21139a0a37da3c044023c4de80b4c7ef Mon Sep 17 00:00:00 2001
From: William Murphy <hello@wjmurphy.co.uk>
Date: Fri, 6 Oct 2023 17:04:05 +0100
Subject: [PATCH] add codeql to ci

---
 .github/workflows/ci.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ed9568278..cf631cdd4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,6 +15,12 @@ jobs:
     name: Security Analysis
     uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main
 
+  codeql-sast:
+    name: CodeQL SAST scan
+    uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
+    permissions:
+      security-events: write
+
   lint-scss:
     name: Lint SCSS
     uses: alphagov/govuk-infrastructure/.github/workflows/stylelint.yml@main
@@ -56,4 +62,3 @@ jobs:
         env:
           RAILS_ENV: test
         run: bundle exec rake spec
-