From ee000ac0099f809aa8f89380e71b8609ec47a637 Mon Sep 17 00:00:00 2001
From: temenuzhka-thede <temenuzhka.thede@docker.com>
Date: Fri, 27 Oct 2023 00:26:52 -0500
Subject: [PATCH] Add permissions block to top workflow level

Signed-off-by: temenuzhka-thede <temenuzhka.thede@docker.com>

specify go version

Signed-off-by: temenuzhka-thede <temenuzhka.thede@docker.com>
---
 .github/workflows/codeql.yml | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 8fb4c021d..51e781675 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -20,19 +20,23 @@ on:
       - '**/*.yml'
       - '**/*_test.go'
 
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+env:
+  GO_VERSION: 1.19
+
 jobs:
   analyze:
     name: Analyze
     runs-on: 'ubuntu-latest'
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
     strategy:
       fail-fast: false
       matrix:
-        language: [go]
+        language: 
+          - go
         
     steps:
     -
@@ -42,8 +46,8 @@ jobs:
       name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version-file: go.mod
-        check-latest: true
+        go-version: ${{ env.GO_VERSION }}
+        cache: true
     -
       name: Initialize CodeQL
       uses: github/codeql-action/init@v2