From a089e0ed3f3f321b67d3ac76f40ac2b4fdc50878 Mon Sep 17 00:00:00 2001
From: Esben Sparre Andreasen <esbena@github.com>
Date: Mon, 18 Oct 2021 12:24:17 +0200
Subject: [PATCH 1/2] change branch name

---
 .github/workflows/nightly-changes.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/nightly-changes.yml b/.github/workflows/nightly-changes.yml
index 4dd42d294d5..f32416cdeca 100644
--- a/.github/workflows/nightly-changes.yml
+++ b/.github/workflows/nightly-changes.yml
@@ -8,7 +8,7 @@ on:
 jobs:
 
   build:
-    uses: github/codeql-ql/.github/workflows/build.yml@esbena/workflow-improvements
+    uses: github/codeql-ql/.github/workflows/build.yml@main
     with:
       os: '[ "ubuntu-latest" ]'
 

From e851ba2bfd9feba7b08158fc3d93c520527556a3 Mon Sep 17 00:00:00 2001
From: Esben Sparre Andreasen <esbena@github.com>
Date: Mon, 18 Oct 2021 12:46:01 +0200
Subject: [PATCH 2/2] change code-scanning branch

---
 .github/workflows/nightly-changes.yml | 31 +++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/.github/workflows/nightly-changes.yml b/.github/workflows/nightly-changes.yml
index f32416cdeca..0574a4ed805 100644
--- a/.github/workflows/nightly-changes.yml
+++ b/.github/workflows/nightly-changes.yml
@@ -98,3 +98,34 @@ jobs:
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@esbena/ql
+        with:
+          upload: false
+          output: ${{ runner.temp }}/sarifs
+          add-snippets: true
+
+      - name: Upload results artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: results
+          path: ${{ runner.temp }}/sarifs
+
+      - name: Obtain git info for sarif upload
+        id: git-info
+        run: |
+          echo "::set-output name=commit_sha::$(git log -1 --format=%H | tr -d '\n')"
+          echo "::set-output name=ref::refs/heads/nightly-changes-alerts"
+
+      - name: Upload results to code-scanning
+        run: |
+          URL="https://api.github.com/repos/github/codeql-ql/code-scanning/sarifs"
+          ENCODED_SARIF_FILE=ql.sarif.encoded
+          gzip -c "${SARIFS}/ql.sarif" | base64 -w0 > "${ENCODED_SARIF_FILE}"
+          ARGS_FILE=args.json
+          jq -nc --arg commit_sha "${COMMIT_SHA}" --arg ref "${REF}" --rawfile sarif "${ENCODED_SARIF_FILE}" '.commit_sha=$commit_sha | .ref=$ref | .sarif=$sarif' > "${ARGS_FILE}"
+          curl -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github.v3+json" "${URL}" -d "@${ARGS_FILE}"
+        env:
+          COMMIT_SHA: ${{ steps.git-info.outputs.commit_sha }}
+          REF: ${{ steps.git-info.outputs.ref }}
+          SARIFS: ${{ runner.temp }}/sarifs
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+