github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-27 01:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Dump soon to be uploaded SARIF on request

Browse Source 
This introduces a new internal environment variable flag
(`CODEQL_ACTION_SARIF_DUMP_DIR`) that, when set to `true`, causes the
SARIF file that will be uploaded to be dumped to the specified
directory. The filename will be `upload.sarif` or `upload.quality.sarif`
depending on the upload target.
This commit is contained in:
Paolo Tranquilli
2025-09-10 07:46:05 +02:00
parent 31d3ae847e
commit dae3742b0a
6 changed files with 112 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/environment.ts
+6
View File
@@ -119,4 +119,10 @@ export enum EnvVar {
* Whether to enable experimental extractors for CodeQL.
*/
EXPERIMENTAL_FEATURES = "CODEQL_ENABLE_EXPERIMENTAL_FEATURES",
/**
* Whether and where to dump the processed SARIF file that would be uploaded, regardless of
* whether the upload is disabled. This is intended for testing and debugging purposes.
*/
SARIF_DUMP_DIR = "CODEQL_ACTION_SARIF_DUMP_DIR",
}
src/upload-lib.ts
+30
View File
@@ -696,6 +696,12 @@ export async function uploadSpecifiedFiles(
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const dumpDir = process.env[EnvVar.SARIF_DUMP_DIR];
if (dumpDir) {
dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget);
}
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
const checkoutURI = url.pathToFileURL(checkoutPath).href;
@@ -742,6 +748,30 @@ export async function uploadSpecifiedFiles(
};
}
/**
* Dumps the given processed SARIF file contents to `outputDir`.
*/
function dumpSarifFile(
sarifPayload: string,
outputDir: string,
logger: Logger,
uploadTarget: analyses.AnalysisConfig,
) {
if (!fs.existsSync(outputDir)) {
fs.mkdirSync(outputDir, { recursive: true });
} else if (!fs.lstatSync(outputDir).isDirectory()) {
throw new ConfigurationError(
`The path specified by the CODEQL_ACTION_SARIF_DUMP_DIR environment variable exists and is not a directory: ${outputDir}`,
);
}
const outputFile = path.resolve(
outputDir,
`upload${uploadTarget.sarifExtension}`,
);
logger.info(`Dumping processed SARIF file to ${outputFile}`);
fs.writeFileSync(outputFile, sarifPayload);
}
const STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1000;
const STATUS_CHECK_TIMEOUT_MILLISECONDS = 2 * 60 * 1000;