Add threat-models as a property to config file and inputs

There are a lot of changes here, but they're pretty formulaic. They follow the
approach used by the `queries` input and config property.
`threat-models` can appear as an input or in the config file. If it
appears in the input, then we need to either merge it with the
threat-models in the config (if prefixed with `+`) or overwrite it.

There's no danger if someone uses `threat-models` with an older CLI
since the CLI can handle configs with extra properties.
Andrew Eisenberg
2023-04-19 15:01:02 -07:00
parent a8affb0639
commit 7a9b004c1f
44 changed files with 534 additions and 142 deletions
Generated
+17
@@ -743,6 +743,23 @@ async function generateCodeScanningConfig(codeql, config, features, logger) {
augmentedConfig.packs["javascript"].push(packString);
}
}
// Inject the threat-models from the input
if (config.augmentationProperties.threatModelsInput) {
if (config.augmentationProperties.threatModelsInputCombines) {
// threat-models input combines with threat-models from the config file
// (if any were defined).
augmentedConfig["threat-models"] = (augmentedConfig["threat-models"] || []).concat(config.augmentationProperties.threatModelsInput);
}
else {
// threat-models input overrides threat-models from the config file
augmentedConfig["threat-models"] =
config.augmentationProperties.threatModelsInput;
}
}
if (Array.isArray(augmentedConfig["threat-models"]) &&
!augmentedConfig["threat-models"].length) {
delete augmentedConfig["threat-models"];
}
logger.info(`Writing augmented user configuration file to ${codeScanningConfigFile}`);
logger.startGroup("Augmented user configuration file contents");
logger.info(yaml.dump(augmentedConfig));