From 7cbb19ece7be845e75fd781baaaa53c9520b01c6 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 24 Feb 2026 13:52:41 +0000 Subject: [PATCH] Refactor `minimalInitCodeQL` out of `combineSarifFilesUsingCLI` --- lib/analyze-action.js | 51 +++++++++++++++-------------- lib/init-action-post.js | 51 +++++++++++++++-------------- lib/upload-lib.js | 53 ++++++++++++++++-------------- lib/upload-sarif-action.js | 51 +++++++++++++++-------------- src/upload-lib.ts | 67 +++++++++++++++++++++----------------- 5 files changed, 144 insertions(+), 129 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index d97d19c51..39ba407e7 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -112327,6 +112327,31 @@ async function shouldDisableCombineSarifFiles(sarifObjects, githubVersion) { } return true; } +async function minimalInitCodeQL(logger, gitHubVersion, features) { + logger.info( + "Initializing CodeQL since the 'init' Action was not called before this step." + ); + const apiDetails = { + auth: getRequiredInput("token"), + externalRepoAuth: getOptionalInput("external-repository-token"), + url: getRequiredEnvParam("GITHUB_SERVER_URL"), + apiURL: getRequiredEnvParam("GITHUB_API_URL") + }; + const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( + gitHubVersion.type + ); + const initCodeQLResult = await initCodeQL( + void 0, + // There is no tools input on the upload action + apiDetails, + getTemporaryDirectory(), + gitHubVersion.type, + codeQLDefaultVersionInfo, + features, + logger + ); + return initCodeQLResult.codeql; +} async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) { logger.info("Combining SARIF files using the CodeQL CLI"); const sarifObjects = sarifFiles.map((sarifFile) => { 
@@ -112357,31 +112382,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo codeQL = await getCodeQL(config.codeQLCmd); tempDir = config.tempDir; } else { - logger.info( - "Initializing CodeQL since the 'init' Action was not called before this step." - ); - const apiDetails = { - auth: getRequiredInput("token"), - externalRepoAuth: getOptionalInput( - "external-repository-token" - ), - url: getRequiredEnvParam("GITHUB_SERVER_URL"), - apiURL: getRequiredEnvParam("GITHUB_API_URL") - }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); - const initCodeQLResult = await initCodeQL( - void 0, - // There is no tools input on the upload action - apiDetails, - tempDir, - gitHubVersion.type, - codeQLDefaultVersionInfo, - features, - logger - ); - codeQL = initCodeQLResult.codeql; + codeQL = await minimalInitCodeQL(logger, gitHubVersion, features); } const baseTempDir = path14.resolve(tempDir, "combined-sarif"); fs15.mkdirSync(baseTempDir, { recursive: true }); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index f4bc19ecf..c5e72a6c5 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js 
@@ -168995,6 +168995,31 @@ async function shouldDisableCombineSarifFiles(sarifObjects, githubVersion) { } return true; } +async function minimalInitCodeQL(logger, gitHubVersion, features) { + logger.info( + "Initializing CodeQL since the 'init' Action was not called before this step." + ); + const apiDetails = { + auth: getRequiredInput("token"), + externalRepoAuth: getOptionalInput("external-repository-token"), + url: getRequiredEnvParam("GITHUB_SERVER_URL"), + apiURL: getRequiredEnvParam("GITHUB_API_URL") + }; + const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( + gitHubVersion.type + ); + const initCodeQLResult = await initCodeQL( + void 0, + // There is no tools input on the upload action + apiDetails, + getTemporaryDirectory(), + gitHubVersion.type, + codeQLDefaultVersionInfo, + features, + logger + ); + return initCodeQLResult.codeql; +} async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) { logger.info("Combining SARIF files using the CodeQL CLI"); const sarifObjects = sarifFiles.map((sarifFile) => { 
@@ -169025,31 +169050,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo codeQL = await getCodeQL(config.codeQLCmd); tempDir = config.tempDir; } else { - logger.info( - "Initializing CodeQL since the 'init' Action was not called before this step." - ); - const apiDetails = { - auth: getRequiredInput("token"), - externalRepoAuth: getOptionalInput( - "external-repository-token" - ), - url: getRequiredEnvParam("GITHUB_SERVER_URL"), - apiURL: getRequiredEnvParam("GITHUB_API_URL") - }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); - const initCodeQLResult = await initCodeQL( - void 0, - // There is no tools input on the upload action - apiDetails, - tempDir, - gitHubVersion.type, - codeQLDefaultVersionInfo, - features, - logger - ); - codeQL = initCodeQLResult.codeql; + codeQL = await minimalInitCodeQL(logger, gitHubVersion, features); } const baseTempDir = path15.resolve(tempDir, "combined-sarif"); fs15.mkdirSync(baseTempDir, { recursive: true }); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index fcec315ba..984ecc571 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -103114,6 +103114,7 @@ __export(upload_lib_exports, { buildPayload: () => buildPayload, findSarifFilesInDir: () => findSarifFilesInDir, getGroupedSarifFilePaths: () => getGroupedSarifFilePaths, + minimalInitCodeQL: () => minimalInitCodeQL, populateRunAutomationDetails: () => populateRunAutomationDetails, postProcessSarifFiles: () => postProcessSarifFiles, readSarifFile: () => readSarifFile, 
@@ -110218,6 +110219,31 @@ async function shouldDisableCombineSarifFiles(sarifObjects, githubVersion) { } return true; } +async function minimalInitCodeQL(logger, gitHubVersion, features) { + logger.info( + "Initializing CodeQL since the 'init' Action was not called before this step." + ); + const apiDetails = { + auth: getRequiredInput("token"), + externalRepoAuth: getOptionalInput("external-repository-token"), + url: getRequiredEnvParam("GITHUB_SERVER_URL"), + apiURL: getRequiredEnvParam("GITHUB_API_URL") + }; + const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( + gitHubVersion.type + ); + const initCodeQLResult = await initCodeQL( + void 0, + // There is no tools input on the upload action + apiDetails, + getTemporaryDirectory(), + gitHubVersion.type, + codeQLDefaultVersionInfo, + features, + logger + ); + return initCodeQLResult.codeql; +} async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) { logger.info("Combining SARIF files using the CodeQL CLI"); const sarifObjects = sarifFiles.map((sarifFile) => { 
@@ -110248,31 +110274,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo codeQL = await getCodeQL(config.codeQLCmd); tempDir = config.tempDir; } else { - logger.info( - "Initializing CodeQL since the 'init' Action was not called before this step." - ); - const apiDetails = { - auth: getRequiredInput("token"), - externalRepoAuth: getOptionalInput( - "external-repository-token" - ), - url: getRequiredEnvParam("GITHUB_SERVER_URL"), - apiURL: getRequiredEnvParam("GITHUB_API_URL") - }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); - const initCodeQLResult = await initCodeQL( - void 0, - // There is no tools input on the upload action - apiDetails, - tempDir, - gitHubVersion.type, - codeQLDefaultVersionInfo, - features, - logger - ); - codeQL = initCodeQLResult.codeql; + codeQL = await minimalInitCodeQL(logger, gitHubVersion, features); } const baseTempDir = path11.resolve(tempDir, "combined-sarif"); fs11.mkdirSync(baseTempDir, { recursive: true }); @@ -110821,6 +110823,7 @@ function filterAlertsByDiffRange(logger, sarif) { buildPayload, findSarifFilesInDir, getGroupedSarifFilePaths, + minimalInitCodeQL, populateRunAutomationDetails, postProcessSarifFiles, readSarifFile, diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 071fe3b0c..f4635e27d 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js 
@@ -110809,6 +110809,31 @@ async function shouldDisableCombineSarifFiles(sarifObjects, githubVersion) { } return true; } +async function minimalInitCodeQL(logger, gitHubVersion, features) { + logger.info( + "Initializing CodeQL since the 'init' Action was not called before this step." + ); + const apiDetails = { + auth: getRequiredInput("token"), + externalRepoAuth: getOptionalInput("external-repository-token"), + url: getRequiredEnvParam("GITHUB_SERVER_URL"), + apiURL: getRequiredEnvParam("GITHUB_API_URL") + }; + const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( + gitHubVersion.type + ); + const initCodeQLResult = await initCodeQL( + void 0, + // There is no tools input on the upload action + apiDetails, + getTemporaryDirectory(), + gitHubVersion.type, + codeQLDefaultVersionInfo, + features, + logger + ); + return initCodeQLResult.codeql; +} async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) { logger.info("Combining SARIF files using the CodeQL CLI"); const sarifObjects = sarifFiles.map((sarifFile) => { 
@@ -110839,31 +110864,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo codeQL = await getCodeQL(config.codeQLCmd); tempDir = config.tempDir; } else { - logger.info( - "Initializing CodeQL since the 'init' Action was not called before this step." - ); - const apiDetails = { - auth: getRequiredInput("token"), - externalRepoAuth: getOptionalInput( - "external-repository-token" - ), - url: getRequiredEnvParam("GITHUB_SERVER_URL"), - apiURL: getRequiredEnvParam("GITHUB_API_URL") - }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); - const initCodeQLResult = await initCodeQL( - void 0, - // There is no tools input on the upload action - apiDetails, - tempDir, - gitHubVersion.type, - codeQLDefaultVersionInfo, - features, - logger - ); - codeQL = initCodeQLResult.codeql; + codeQL = await minimalInitCodeQL(logger, gitHubVersion, features); } const baseTempDir = path12.resolve(tempDir, "combined-sarif"); fs12.mkdirSync(baseTempDir, { recursive: true }); diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 43039c596..2c58beb2b 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -11,7 +11,7 @@ import * as actionsUtil from "./actions-util"; import * as analyses from "./analyses"; import * as api from "./api-client"; import { getGitHubVersion, wrapApiConfigurationError } from "./api-client"; -import { CodeQL, getCodeQL } from "./codeql"; +import { getCodeQL, type CodeQL } from "./codeql"; import { getConfig } from "./config-utils"; import { readDiffRangesJsonFile } from "./diff-informed-analysis-utils"; import { EnvVar } from "./environment"; 
@@ -183,6 +183,42 @@ async function shouldDisableCombineSarifFiles(
 return true;
 }
 
+/**
+ * Initialises a `CodeQL` instance that we can use to combine SARIF files.
+ */
+export async function minimalInitCodeQL(
+ logger: Logger,
+ gitHubVersion: GitHubVersion,
+ features: FeatureEnablement,
+): Promise {
+ logger.info(
+ "Initializing CodeQL since the 'init' Action was not called before this step.",
+ );
+
+ const apiDetails = {
+ auth: actionsUtil.getRequiredInput("token"),
+ externalRepoAuth: actionsUtil.getOptionalInput("external-repository-token"),
+ url: getRequiredEnvParam("GITHUB_SERVER_URL"),
+ apiURL: getRequiredEnvParam("GITHUB_API_URL"),
+ };
+
+ const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(
+ gitHubVersion.type,
+ );
+
+ const initCodeQLResult = await initCodeQL(
+ undefined, // There is no tools input on the upload action
+ apiDetails,
+ actionsUtil.getTemporaryDirectory(),
+ gitHubVersion.type,
+ codeQLDefaultVersionInfo,
+ features,
+ logger,
+ );
+
+ return initCodeQLResult.codeql;
+}
+
 // Takes a list of paths to sarif files and combines them together using the
 // CLI `github merge-results` command when all SARIF files are produced by
 // CodeQL. Otherwise, it will fall back to combining the files in the action.
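Review bot: The doc comment on the newly exported `minimalInitCodeQL` does not mention that the function reads the `token` and `external-repository-token` action inputs and the `GITHUB_SERVER_URL` / `GITHUB_API_URL` environment variables, and hands them to `initCodeQL` as `apiDetails`. Because the helper is now exported, code outside `combineSarifFilesUsingCLI` can trigger that credential read, so the contract belongs in the comment. I would add a sentence such as `Reads the "token" and optional "external-repository-token" inputs plus GITHUB_SERVER_URL/GITHUB_API_URL, and passes actionsUtil.getTemporaryDirectory() to initCodeQL.` together with `@param` and `@returns` tags. The required-input and required-env getters presumably throw when a value is missing; once confirmed, that deserves a `@throws` line.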
@@ -239,34 +275,7 @@ async function combineSarifFilesUsingCLI(
 codeQL = await getCodeQL(config.codeQLCmd);
 tempDir = config.tempDir;
 } else {
- logger.info(
- "Initializing CodeQL since the 'init' Action was not called before this step.",
- );
-
- const apiDetails = {
- auth: actionsUtil.getRequiredInput("token"),
- externalRepoAuth: actionsUtil.getOptionalInput(
- "external-repository-token",
- ),
- url: getRequiredEnvParam("GITHUB_SERVER_URL"),
- apiURL: getRequiredEnvParam("GITHUB_API_URL"),
- };
-
- const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(
- gitHubVersion.type,
- );
-
- const initCodeQLResult = await initCodeQL(
- undefined, // There is no tools input on the upload action
- apiDetails,
- tempDir,
- gitHubVersion.type,
- codeQLDefaultVersionInfo,
- features,
- logger,
- );
-
- codeQL = initCodeQLResult.codeql;
+ codeQL = await minimalInitCodeQL(logger, gitHubVersion, features);
 }
 
 const baseTempDir = path.resolve(tempDir, "combined-sarif");
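Review bot: The replacement call no longer passes the caller's `tempDir`. The removed block gave `tempDir` to `initCodeQL`, whereas `minimalInitCodeQL` uses `actionsUtil.getTemporaryDirectory()` on its own, and `baseTempDir` just below is still built from the local `tempDir`. The initial value of `tempDir` is assigned outside this hunk, so I cannot confirm the two always match; if they do, a comment on the call such as `// minimalInitCodeQL passes actionsUtil.getTemporaryDirectory() to initCodeQL, the same value tempDir holds on this branch` would record the invariant. Otherwise consider giving the helper a `tempDir` parameter so the CLI setup and the combined-sarif directory stay under one location. `combineSarifFilesUsingCLI` starts and ends outside the hunk.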