Validate CODEQL_ACTION_CSRA_ASSESSMENT_ID value

2026-04-29 10:28:52 +00:00 · 2026-02-12 20:15:18 +00:00
parent 2adcb6464e
commit 0ce6420f8e
7 changed files with 125 additions and 20 deletions
@@ -8,13 +8,16 @@ import {
  AnalysisKind,
  CodeScanning,
  compatibilityMatrix,
+  CSRA,
  getAnalysisConfig,
  getAnalysisKinds,
  parseAnalysisKinds,
  supportedAnalysisKinds,
 } from "./analyses";
+import { EnvVar } from "./environment";
 import { getRunnerLogger } from "./logging";
 import { setupTests } from "./testing-utils";
+import { AssessmentPayload } from "./upload-lib/types";
 import { ConfigurationError } from "./util";

 setupTests(test);
@@ -118,3 +121,61 @@ test("Code Scanning configuration does not accept other SARIF extensions", (t) =
    t.false(CodeScanning.sarifPredicate(sarifPath));
  }
 });
+
+test("CSRA configuration transforms SARIF upload payload", (t) => {
+  process.env[EnvVar.CSRA_ASSESSMENT_ID] = "1";
+  const payload = CSRA.transformPayload({
+    commit_oid: "abc",
+    sarif: "sarif",
+    ref: "ref",
+    workflow_run_attempt: 1,
+    workflow_run_id: 1,
+    checkout_uri: "uri",
+    tool_names: [],
+  }) as AssessmentPayload;
+
+  const expected: AssessmentPayload = { sarif: "sarif", assessment_id: 1 };
+  t.deepEqual(expected, payload);
+});
+
+test("CSRA configuration throws for negative assessment IDs", (t) => {
+  process.env[EnvVar.CSRA_ASSESSMENT_ID] = "-1";
+  t.throws(
+    () =>
+      CSRA.transformPayload({
+        commit_oid: "abc",
+        sarif: "sarif",
+        ref: "ref",
+        workflow_run_attempt: 1,
+        workflow_run_id: 1,
+        checkout_uri: "uri",
+        tool_names: [],
+      }),
+    {
+      instanceOf: Error,
+      message: (msg) =>
+        msg.startsWith(`${EnvVar.CSRA_ASSESSMENT_ID} must not be negative: `),
+    },
+  );
+});
+
+test("CSRA configuration throws for invalid IDs", (t) => {
+  process.env[EnvVar.CSRA_ASSESSMENT_ID] = "foo";
+  t.throws(
+    () =>
+      CSRA.transformPayload({
+        commit_oid: "abc",
+        sarif: "sarif",
+        ref: "ref",
+        workflow_run_attempt: 1,
+        workflow_run_id: 1,
+        checkout_uri: "uri",
+        tool_names: [],
+      }),
+    {
+      instanceOf: Error,
+      message: (msg) =>
+        msg.startsWith(`${EnvVar.CSRA_ASSESSMENT_ID} must not be NaN: `),
+    },
+  );
+});