From 0cfcceb4b8d171a552bd69887d490f6a4d3bf594 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 11 Feb 2026 23:45:34 +0000 Subject: [PATCH] Add `transformPayload` to `AnalysisConfig` --- lib/analyze-action.js | 35 ++++++++++++++++++++--------------- lib/init-action-post.js | 35 ++++++++++++++++++++--------------- lib/upload-lib.js | 35 ++++++++++++++++++++--------------- lib/upload-sarif-action.js | 35 ++++++++++++++++++++--------------- src/analyses.ts | 6 ++++++ src/upload-lib.ts | 26 ++++++++++++++------------ 6 files changed, 100 insertions(+), 72 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 798cdada2..be8cca241 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -106497,7 +106497,8 @@ var CodeScanning = { sarifExtension: ".sarif", sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), fixCategory: (_, category) => category, - sentinelPrefix: "CODEQL_UPLOAD_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_SARIF_", + transformPayload: (payload) => payload }; var CodeQuality = { kind: "code-quality" /* CodeQuality */, @@ -106506,7 +106507,8 @@ var CodeQuality = { sarifExtension: ".quality.sarif", sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_", + transformPayload: (payload) => payload }; var CSRA = { kind: "csra" /* CSRA */, @@ -106515,7 +106517,8 @@ var CSRA = { sarifExtension: ".csra.sarif", sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", + transformPayload: (payload) => payload }; function getAnalysisConfig(kind) { switch (kind) { @@ -112534,18 +112537,20 @@ async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, post logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; - const payload = buildPayload( - await getCommitOid(checkoutPath), - await getRef(), - postProcessingResults.analysisKey, - getRequiredEnvParam("GITHUB_WORKFLOW"), - zippedSarif, - getWorkflowRunID(), - getWorkflowRunAttempt(), - checkoutURI, - postProcessingResults.environment, - toolNames, - await determineBaseBranchHeadCommitOid() + const payload = uploadTarget.transformPayload( + buildPayload( + await getCommitOid(checkoutPath), + await getRef(), + postProcessingResults.analysisKey, + getRequiredEnvParam("GITHUB_WORKFLOW"), + zippedSarif, + getWorkflowRunID(), + getWorkflowRunAttempt(), + checkoutURI, + postProcessingResults.environment, + toolNames, + await determineBaseBranchHeadCommitOid() + ) ); const rawUploadSizeBytes = sarifPayload.length; logger.debug(`Raw upload size: ${rawUploadSizeBytes} bytes`); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 51286a916..c6a159158 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -164556,7 +164556,8 @@ var CodeScanning = { sarifExtension: ".sarif", sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), fixCategory: (_2, category) => category, - sentinelPrefix: "CODEQL_UPLOAD_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_SARIF_", + transformPayload: (payload) => payload }; var CodeQuality = { kind: "code-quality" /* CodeQuality */, @@ -164565,7 +164566,8 @@ var CodeQuality = { sarifExtension: ".quality.sarif", sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_", + transformPayload: (payload) => payload }; var CSRA = { kind: "csra" /* CSRA */, @@ -164574,7 +164576,8 @@ var CSRA = { sarifExtension: ".csra.sarif", sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", + transformPayload: (payload) => payload }; // src/config/db-config.ts @@ -169141,18 +169144,20 @@ async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, post logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; - const payload = buildPayload( - await getCommitOid(checkoutPath), - await getRef(), - postProcessingResults.analysisKey, - getRequiredEnvParam("GITHUB_WORKFLOW"), - zippedSarif, - getWorkflowRunID(), - getWorkflowRunAttempt(), - checkoutURI, - postProcessingResults.environment, - toolNames, - await determineBaseBranchHeadCommitOid() + const payload = uploadTarget.transformPayload( + buildPayload( + await getCommitOid(checkoutPath), + await getRef(), + postProcessingResults.analysisKey, + getRequiredEnvParam("GITHUB_WORKFLOW"), + zippedSarif, + getWorkflowRunID(), + getWorkflowRunAttempt(), + checkoutURI, + postProcessingResults.environment, + toolNames, + await determineBaseBranchHeadCommitOid() + ) ); const rawUploadSizeBytes = sarifPayload.length; logger.debug(`Raw upload size: ${rawUploadSizeBytes} bytes`); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a4166a359..ed56953ba 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -106152,7 +106152,8 @@ var CodeScanning = { sarifExtension: ".sarif", sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), fixCategory: (_, category) => category, - sentinelPrefix: "CODEQL_UPLOAD_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_SARIF_", + transformPayload: (payload) => payload }; var CodeQuality = { kind: "code-quality" /* CodeQuality */, @@ -106161,7 +106162,8 @@ var CodeQuality = { sarifExtension: ".quality.sarif", sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_", + transformPayload: (payload) => payload }; var CSRA = { kind: "csra" /* CSRA */, @@ -106170,7 +106172,8 @@ var CSRA = { sarifExtension: ".csra.sarif", sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", + transformPayload: (payload) => payload }; var SarifScanOrder = [ CSRA, @@ -110461,18 +110464,20 @@ async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, post logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; - const payload = buildPayload( - await getCommitOid(checkoutPath), - await getRef(), - postProcessingResults.analysisKey, - getRequiredEnvParam("GITHUB_WORKFLOW"), - zippedSarif, - getWorkflowRunID(), - getWorkflowRunAttempt(), - checkoutURI, - postProcessingResults.environment, - toolNames, - await determineBaseBranchHeadCommitOid() + const payload = uploadTarget.transformPayload( + buildPayload( + await getCommitOid(checkoutPath), + await getRef(), + postProcessingResults.analysisKey, + getRequiredEnvParam("GITHUB_WORKFLOW"), + zippedSarif, + getWorkflowRunID(), + getWorkflowRunAttempt(), + checkoutURI, + postProcessingResults.environment, + toolNames, + await determineBaseBranchHeadCommitOid() + ) ); const rawUploadSizeBytes = sarifPayload.length; logger.debug(`Raw upload size: ${rawUploadSizeBytes} bytes`); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 8057d0909..14cef2738 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -106190,7 +106190,8 @@ var CodeScanning = { sarifExtension: ".sarif", sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), fixCategory: (_, category) => category, - sentinelPrefix: "CODEQL_UPLOAD_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_SARIF_", + transformPayload: (payload) => payload }; var CodeQuality = { kind: "code-quality" /* CodeQuality */, @@ -106199,7 +106200,8 @@ var CodeQuality = { sarifExtension: ".quality.sarif", sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_", + transformPayload: (payload) => payload }; var CSRA = { kind: "csra" /* CSRA */, @@ -106208,7 +106210,8 @@ var CSRA = { sarifExtension: ".csra.sarif", sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), fixCategory: fixCodeQualityCategory, - sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_" + sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", + transformPayload: (payload) => payload }; function getAnalysisConfig(kind) { switch (kind) { @@ -110971,18 +110974,20 @@ async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, post logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; - const payload = buildPayload( - await getCommitOid(checkoutPath), - await getRef(), - postProcessingResults.analysisKey, - getRequiredEnvParam("GITHUB_WORKFLOW"), - zippedSarif, - getWorkflowRunID(), - getWorkflowRunAttempt(), - checkoutURI, - postProcessingResults.environment, - toolNames, - await determineBaseBranchHeadCommitOid() + const payload = uploadTarget.transformPayload( + buildPayload( + await getCommitOid(checkoutPath), + await getRef(), + postProcessingResults.analysisKey, + getRequiredEnvParam("GITHUB_WORKFLOW"), + zippedSarif, + getWorkflowRunID(), + getWorkflowRunAttempt(), + checkoutURI, + postProcessingResults.environment, + toolNames, + await determineBaseBranchHeadCommitOid() + ) ); const rawUploadSizeBytes = sarifPayload.length; logger.debug(`Raw upload size: ${rawUploadSizeBytes} bytes`); diff --git a/src/analyses.ts b/src/analyses.ts index 714917b91..39486cab9 100644 --- a/src/analyses.ts +++ b/src/analyses.ts @@ -4,6 +4,7 @@ import { getRequiredInput, } from "./actions-util"; import { Logger } from "./logging"; +import { UploadPayload } from "./upload-lib/types"; import { ConfigurationError } from "./util"; export enum AnalysisKind { @@ -146,6 +147,8 @@ export interface AnalysisConfig { fixCategory: (logger: Logger, category?: string) => string | undefined; /** A prefix for environment variables used to track the uniqueness of SARIF uploads. */ sentinelPrefix: string; + /** Transforms the upload payload in an analysis-specific way. */ + transformPayload: (payload: UploadPayload) => UploadPayload; } // Represents the Code Scanning analysis configuration. @@ -160,6 +163,7 @@ export const CodeScanning: AnalysisConfig = { !CSRA.sarifPredicate(name), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", + transformPayload: (payload) => payload, }; // Represents the Code Quality analysis configuration. @@ -171,6 +175,7 @@ export const CodeQuality: AnalysisConfig = { sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), fixCategory: fixCodeQualityCategory, sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_", + transformPayload: (payload) => payload, }; export const CSRA: AnalysisConfig = { @@ -181,6 +186,7 @@ export const CSRA: AnalysisConfig = { sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), fixCategory: fixCodeQualityCategory, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", + transformPayload: (payload) => payload, }; /** diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 85208b7b4..f5c6366ab 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -848,18 +848,20 @@ export async function uploadPostProcessedFiles( const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; - const payload = buildPayload( - await gitUtils.getCommitOid(checkoutPath), - await gitUtils.getRef(), - postProcessingResults.analysisKey, - util.getRequiredEnvParam("GITHUB_WORKFLOW"), - zippedSarif, - actionsUtil.getWorkflowRunID(), - actionsUtil.getWorkflowRunAttempt(), - checkoutURI, - postProcessingResults.environment, - toolNames, - await gitUtils.determineBaseBranchHeadCommitOid(), + const payload = uploadTarget.transformPayload( + buildPayload( + await gitUtils.getCommitOid(checkoutPath), + await gitUtils.getRef(), + postProcessingResults.analysisKey, + util.getRequiredEnvParam("GITHUB_WORKFLOW"), + zippedSarif, + actionsUtil.getWorkflowRunID(), + actionsUtil.getWorkflowRunAttempt(), + checkoutURI, + postProcessingResults.environment, + toolNames, + await gitUtils.determineBaseBranchHeadCommitOid(), + ), ); // Log some useful debug info about the info