From 462b0d45ad9af40ba786a4fcd39d406d5fcdac5c Mon Sep 17 00:00:00 2001
From: Taj Singh <tjgurwara99@gmail.com>
Date: Thu, 7 Aug 2025 12:31:30 +0100
Subject: [PATCH] Upload quality only sarif

---
 analyze/action.yml    |  5 +++++
 src/analyze-action.ts | 23 ++++++++++++++---------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/analyze/action.yml b/analyze/action.yml
index 7fec8fb44..c14ec1459 100644
--- a/analyze/action.yml
+++ b/analyze/action.yml
@@ -18,6 +18,11 @@ inputs:
     required: false
     # If changing this, make sure to update workflow.ts accordingly.
     default: "always"
+  upload-quality-only:
+    description: >-
+      This is not recommended for external users since it complicates debugging. Upload the SARIF file to Code Quality only.
+      Defaults to 'false' which uploads the generated SARIFs to both Code Scanning and Code Quality.
+      'true' only uploads the SARIF file to Code Quality.
   cleanup-level:
     description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --cache-cleanup flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
     required: false
diff --git a/src/analyze-action.ts b/src/analyze-action.ts
index 80ed43b21..3fe009262 100644
--- a/src/analyze-action.ts
+++ b/src/analyze-action.ts
@@ -331,16 +331,21 @@ async function run() {
     core.setOutput("db-locations", dbLocations);
     core.setOutput("sarif-output", path.resolve(outputDir));
     const uploadInput = actionsUtil.getOptionalInput("upload");
+    const uploadQualityOnly = actionsUtil.getOptionalInput(
+      "upload-quality-only",
+    );
     if (runStats && actionsUtil.getUploadValue(uploadInput) === "always") {
-      uploadResult = await uploadLib.uploadFiles(
-        outputDir,
-        actionsUtil.getRequiredInput("checkout_path"),
-        actionsUtil.getOptionalInput("category"),
-        features,
-        logger,
-        uploadLib.CodeScanningTarget,
-      );
-      core.setOutput("sarif-id", uploadResult.sarifID);
+      if (uploadQualityOnly !== "true") {
+        uploadResult = await uploadLib.uploadFiles(
+          outputDir,
+          actionsUtil.getRequiredInput("checkout_path"),
+          actionsUtil.getOptionalInput("category"),
+          features,
+          logger,
+          uploadLib.CodeScanningTarget,
+        );
+        core.setOutput("sarif-id", uploadResult.sarifID);
+      }
 
       if (config.augmentationProperties.qualityQueriesInput !== undefined) {
         const qualityUploadResult = await uploadLib.uploadFiles(