github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-02 03:40:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update upload input values and logic (#1598)

Browse Source 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
This commit is contained in:
Angela P Wen
2023-03-23 10:23:25 -07:00
committed by GitHub
parent 0214d1d378
commit a21bb7f968
25 changed files with 206 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/init-action-post-helper.ts
+4 -1
View File
@@ -56,8 +56,11 @@ async function maybeUploadFailedSarif(
const workflow = await getWorkflow();
const jobName = getRequiredEnvParam("GITHUB_JOB");
const matrix = parseMatrixInput(actionsUtil.getRequiredInput("matrix"));
const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix);
if (
getUploadInputOrThrow(workflow, jobName, matrix) !== "true" ||
!["always", "failure-only"].includes(
actionsUtil.getUploadValue(shouldUpload)
) ||
isInTestMode()
) {
return { upload_failed_run_skipped_because: "SARIF upload is disabled" };