Introduce CODEQL_ACTION_SKIP_SARIF_UPLOAD

This triggers a subset of the behavior of `CODEQL_ACTION_TEST_MODE`,
specifically just skipping the SARIF upload step. This is required for
our internal testing where we want the SARIF file (via
`CODEQL_ACTION_DUMP_SARIF_DIR`) but don't want to actually upload it,
but we don't want the rest of the behaviour of `CODEQL_ACTION_TEST_MODE`
that is specific for `codeql-action` own CI checks.

lib/analyze-action.js

@@ -89773,6 +89773,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -95532,17 +95535,15 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, target) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path18.join(
       getTemporaryDirectory(),
       "payload.json"
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {

lib/init-action-post.js

@@ -128072,6 +128072,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -133008,17 +133011,15 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, target) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path17.join(
       getTemporaryDirectory(),
       "payload.json"
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {
@@ -133585,7 +133586,7 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) {
   const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix);
   if (!["always", "failure-only"].includes(
     getUploadValue(shouldUpload)
-  ) || isInTestMode()) {
+  ) || shouldSkipSarifUpload()) {
     return { upload_failed_run_skipped_because: "SARIF upload is disabled" };
   }
   const category = getCategoryInputOrThrow(workflow, jobName, matrix);

lib/upload-lib.js

@@ -88340,6 +88340,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -92367,17 +92370,15 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, target) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path14.join(
       getTemporaryDirectory(),
       "payload.json"
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {

lib/upload-sarif-action.js

@@ -88457,6 +88457,9 @@ function isGoodVersion(versionSpec) {
 function isInTestMode() {
   return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true";
 }
+function shouldSkipSarifUpload() {
+  return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true";
+}
 function getTestingEnvironment() {
   const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || "";
   if (testingEnvironment === "") {
@@ -93039,17 +93042,15 @@ function getAutomationID2(category, analysis_key, environment) {
 }
 async function uploadPayload(payload, repositoryNwo, logger, target) {
   logger.info("Uploading results");
-  if (isInTestMode()) {
+  if (shouldSkipSarifUpload()) {
     const payloadSaveFile = path15.join(
       getTemporaryDirectory(),
       "payload.json"
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
   const client = getApiClient();
   try {
@@ -93570,8 +93571,8 @@ async function run() {
       core13.setOutput("sarif-id", codeScanningResult.sarifID);
     }
     core13.setOutput("sarif-ids", JSON.stringify(uploadResults));
-    if (isInTestMode()) {
-      core13.debug("In test mode. Waiting for processing is disabled.");
+    if (shouldSkipSarifUpload()) {
+      core13.debug("SARIF upload disabled. Waiting for processing is disabled.");
     } else if (getRequiredInput("wait-for-processing") === "true") {
       if (codeScanningResult !== void 0) {
         await waitForProcessing(

src/environment.ts

@@ -128,4 +128,10 @@ export enum EnvVar {
    * whether the upload is disabled. This is intended for testing and debugging purposes.
    */
   SARIF_DUMP_DIR = "CODEQL_ACTION_SARIF_DUMP_DIR",
+
+  /**
+   * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes.
+   * This setting is implied but is more specific than `CODEQL_ACTION_TEST_MODE`.
+   */
+  SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD",
 }

src/init-action-post-helper.ts

@@ -19,8 +19,8 @@ import {
   delay,
   getErrorMessage,
   getRequiredEnvParam,
-  isInTestMode,
   parseMatrixInput,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 import {
@@ -81,7 +81,7 @@ async function maybeUploadFailedSarif(
     !["always", "failure-only"].includes(
       actionsUtil.getUploadValue(shouldUpload),
     ) ||
-    isInTestMode()
+    shouldSkipSarifUpload()
   ) {
     return { upload_failed_run_skipped_because: "SARIF upload is disabled" };
   }

src/upload-lib.ts

@@ -356,18 +356,16 @@ async function uploadPayload(
 ): Promise<string> {
   logger.info("Uploading results");
 
-  // If in test mode we don't want to upload the results
-  if (util.isInTestMode()) {
+  // If in test mode we don't want to upload the results,
+  if (util.shouldSkipSarifUpload()) {
     const payloadSaveFile = path.join(
       actionsUtil.getTemporaryDirectory(),
       "payload.json",
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`,
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
 
   const client = api.getApiClient();

src/upload-sarif-action.ts

@@ -23,7 +23,7 @@ import {
   checkDiskUsage,
   getErrorMessage,
   initializeEnvironment,
-  isInTestMode,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 
@@ -113,8 +113,8 @@ async function run() {
     core.setOutput("sarif-ids", JSON.stringify(uploadResults));
 
     // We don't upload results in test mode, so don't wait for processing
-    if (isInTestMode()) {
-      core.debug("In test mode. Waiting for processing is disabled.");
+    if (shouldSkipSarifUpload()) {
+      core.debug("SARIF upload disabled. Waiting for processing is disabled.");
     } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") {
       if (codeScanningResult !== undefined) {
         await upload_lib.waitForProcessing(

src/util.ts

@@ -764,12 +764,19 @@ export function isGoodVersion(versionSpec: string) {
 /**
  * Returns whether we are in test mode. This is used by CodeQL Action PR checks.
  *
- * In test mode, we don't upload SARIF results or status reports to the GitHub API.
+ * In test mode, we several uploads (SARIF results, status reports, DBs, ...).
  */
 export function isInTestMode(): boolean {
   return process.env[EnvVar.TEST_MODE] === "true";
 }
 
+/**
+ * Returns whether we specifically want to skip uploading SARIF files.
+ */
+export function shouldSkipSarifUpload(): boolean {
+  return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true";
+}
+
 /**
  * Get the testing environment.
  *