Refactor CQ SARIF upload in upload-sarif into a function

2026-04-27 17:39:15 +00:00 · 2025-09-18 13:50:53 +01:00
parent b73659a4ff
commit 35454d39b2
2 changed files with 69 additions and 25 deletions
@@ -32,6 +32,45 @@ interface UploadSarifStatusReport
  extends StatusReportBase,
    upload_lib.UploadStatusReport {}

+/**
+ * Searches for SARIF files for the given `analysis` in the given `sarifPath`.
+ * If any are found, then they are uploaded to the appropriate endpoint for the given `analysis`.
+ *
+ * @param logger The logger to use.
+ * @param features Information about FFs.
+ * @param sarifPath The path to a directory containing SARIF files.
+ * @param checkoutPath The checkout path.
+ * @param analysis The configuration of the analysis we should upload SARIF files for.
+ * @param category The SARIF category to use for the upload.
+ * @returns The result of uploading the SARIF file(s) or `undefined` if there are none.
+ */
+async function findAndUpload(
+  logger: Logger,
+  features: Features,
+  sarifPath: string,
+  checkoutPath: string,
+  analysis: analyses.AnalysisConfig,
+  category?: string,
+): Promise<upload_lib.UploadResult | undefined> {
+  const sarifFiles = upload_lib.findSarifFilesInDir(
+    sarifPath,
+    analysis.sarifPredicate,
+  );
+
+  if (sarifFiles.length !== 0) {
+    return await upload_lib.uploadSpecifiedFiles(
+      sarifFiles,
+      checkoutPath,
+      category,
+      features,
+      logger,
+      analysis,
+    );
+  }
+
+  return undefined;
+}
+
 async function sendSuccessStatusReport(
  startedAt: Date,
  uploadStats: upload_lib.UploadStatusReport,
@@ -86,6 +125,7 @@ async function run() {
  }

  try {
+    // `sarifPath` can either be a path to a single file, or a path to a directory.
    const sarifPath = actionsUtil.getRequiredInput("sarif_file");
    const checkoutPath = actionsUtil.getRequiredInput("checkout_path");
    const category = actionsUtil.getOptionalInput("category");
@@ -104,21 +144,14 @@ async function run() {
    // Code quality can currently only be enabled on top of security, so we'd currently always expect to
    // have a directory for the results here.
    if (fs.lstatSync(sarifPath).isDirectory()) {
-      const qualitySarifFiles = upload_lib.findSarifFilesInDir(
+      await findAndUpload(
+        logger,
+        features,
        sarifPath,
-        analyses.CodeQuality.sarifPredicate,
+        checkoutPath,
+        analyses.CodeQuality,
+        actionsUtil.fixCodeQualityCategory(logger, category),
      );
-
-      if (qualitySarifFiles.length !== 0) {
-        await upload_lib.uploadSpecifiedFiles(
-          qualitySarifFiles,
-          checkoutPath,
-          actionsUtil.fixCodeQualityCategory(logger, category),
-          features,
-          logger,
-          analyses.CodeQuality,
-        );
-      }
    }

    // We don't upload results in test mode, so don't wait for processing