Merge pull request #3180 from github/redsun82/skip-sarif-upload

Introduce `CODEQL_ACTION_SKIP_SARIF_UPLOAD`

lib/analyze-action.js

@@ -89773,6 +89773,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -95577,17 +95580,17 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, analysis) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path18.join(
       getTemporaryDirectory(),
       `payload-${analysis.kind}.json`
     );
     logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
+      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
     );
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {

lib/init-action-post.js

@@ -128072,6 +128072,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -133053,17 +133056,17 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, analysis) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path17.join(
       getTemporaryDirectory(),
       `payload-${analysis.kind}.json`
     );
     logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
+      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
     );
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {
@@ -133630,7 +133633,7 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) {
   const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix);
   if (!["always", "failure-only"].includes(
     getUploadValue(shouldUpload)
-  ) || isInTestMode()) {
+  ) || shouldSkipSarifUpload()) {
     return { upload_failed_run_skipped_because: "SARIF upload is disabled" };
   }
   const category = getCategoryInputOrThrow(workflow, jobName, matrix);

lib/upload-lib.js

@@ -88340,6 +88340,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -92412,17 +92415,17 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, analysis) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path14.join(
       getTemporaryDirectory(),
       `payload-${analysis.kind}.json`
     );
     logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
+      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
     );
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {

lib/upload-sarif-action.js

@@ -88457,6 +88457,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -93084,17 +93087,17 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, analysis) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path15.join(
       getTemporaryDirectory(),
       `payload-${analysis.kind}.json`
     );
     logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
+      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
     );
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {
@@ -93615,8 +93618,10 @@ async function run() {
       core13.setOutput("sarif-id", codeScanningResult.sarifID);
     }
     core13.setOutput("sarif-ids", JSON.stringify(uploadResults));
-    if (isInTestMode()) {
-      core13.debug("In test mode. Waiting for processing is disabled.");
+    if (shouldSkipSarifUpload()) {
+      core13.debug(
+        "SARIF upload disabled by an environment variable. Waiting for processing is disabled."
+      );
     } else if (getRequiredInput("wait-for-processing") === "true") {
       if (codeScanningResult !== void 0) {
         await waitForProcessing(

src/environment.ts

@@ -128,4 +128,10 @@ export enum EnvVar {
    * whether the upload is disabled. This is intended for testing and debugging purposes.
    */
   SARIF_DUMP_DIR = "CODEQL_ACTION_SARIF_DUMP_DIR",
+
+  /**
+   * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes.
+   * This setting is more specific than `CODEQL_ACTION_TEST_MODE`, which implies this option.
+   */
+  SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD",
 }

src/init-action-post-helper.ts

@@ -19,8 +19,8 @@ import {
   delay,
   getErrorMessage,
   getRequiredEnvParam,
-  isInTestMode,
   parseMatrixInput,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 import {
@@ -81,7 +81,7 @@ async function maybeUploadFailedSarif(
     !["always", "failure-only"].includes(
       actionsUtil.getUploadValue(shouldUpload),
     ) ||
-    isInTestMode()
+    shouldSkipSarifUpload()
   ) {
     return { upload_failed_run_skipped_because: "SARIF upload is disabled" };
   }

src/upload-lib.ts

@@ -356,18 +356,17 @@ async function uploadPayload(
 ): Promise<string> {
   logger.info("Uploading results");
 
-  // If in test mode we don't want to upload the results
-  if (util.isInTestMode()) {
+  if (util.shouldSkipSarifUpload()) {
     const payloadSaveFile = path.join(
       actionsUtil.getTemporaryDirectory(),
       `payload-${analysis.kind}.json`,
     );
     logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`,
+      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`,
     );
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
 
   const client = api.getApiClient();

src/upload-sarif-action.ts

@@ -23,7 +23,7 @@ import {
   checkDiskUsage,
   getErrorMessage,
   initializeEnvironment,
-  isInTestMode,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 
@@ -113,8 +113,10 @@ async function run() {
     core.setOutput("sarif-ids", JSON.stringify(uploadResults));
 
     // We don't upload results in test mode, so don't wait for processing
-    if (isInTestMode()) {
-      core.debug("In test mode. Waiting for processing is disabled.");
+    if (shouldSkipSarifUpload()) {
+      core.debug(
+        "SARIF upload disabled by an environment variable. Waiting for processing is disabled.",
+      );
     } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") {
       if (codeScanningResult !== undefined) {
         await upload_lib.waitForProcessing(

src/util.ts

@@ -764,12 +764,19 @@ export function isGoodVersion(versionSpec: string) {
 /**
  * Returns whether we are in test mode. This is used by CodeQL Action PR checks.
  *
- * In test mode, we don't upload SARIF results or status reports to the GitHub API.
+ * In test mode, we skip several uploads (SARIF results, status reports, DBs, ...).
  */
 export function isInTestMode(): boolean {
   return process.env[EnvVar.TEST_MODE] === "true";
 }
 
+/**
+ * Returns whether we specifically want to skip uploading SARIF files.
+ */
+export function shouldSkipSarifUpload(): boolean {
+  return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true";
+}
+
 /**
  * Get the testing environment.
  *