github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-07 22:30:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor CodeQL init code from combineSarifFilesUsingCLI into a new function

Browse Source
This commit is contained in:
Michael B. Gale
2025-08-06 15:14:31 +01:00
parent a625e1693a
commit f4bf13aa48
3 changed files with 61 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/upload-lib.js
Generated
+19 -11
View File
@@ -39,6 +39,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
exports.InvalidSarifUploadError = exports.CodeQualityTarget = exports.CodeScanningTarget = exports.SARIF_UPLOAD_ENDPOINT = void 0;
exports.shouldShowCombineSarifFilesDeprecationWarning = shouldShowCombineSarifFilesDeprecationWarning;
exports.throwIfCombineSarifFilesDisabled = throwIfCombineSarifFilesDisabled;
exports.initCodeQLForUpload = initCodeQLForUpload;
exports.populateRunAutomationDetails = populateRunAutomationDetails;
exports.findSarifFilesInDir = findSarifFilesInDir;
exports.getSarifFilePaths = getSarifFilePaths;
@@ -168,6 +169,23 @@ async function shouldDisableCombineSarifFiles(sarifObjects, githubVersion) {
// error if multiple runs with the same category are uploaded.
return true;
}
/**
* Minimally initialises CodeQL if needed to combine SARIF files and CodeQL
* wasn't already initialised before.
*/
async function initCodeQLForUpload(gitHubVersion, features, tempDir, logger) {
logger.info("Initializing CodeQL since the 'init' Action was not called before this step.");
const apiDetails = {
auth: actionsUtil.getRequiredInput("token"),
externalRepoAuth: actionsUtil.getOptionalInput("external-repository-token"),
url: (0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL"),
apiURL: (0, util_1.getRequiredEnvParam)("GITHUB_API_URL"),
};
const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(gitHubVersion.type);
const initCodeQLResult = await (0, init_1.initCodeQL)(undefined, // There is no tools input on the upload action
apiDetails, tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, features, logger);
return initCodeQLResult.codeql;
}
// Takes a list of paths to sarif files and combines them together using the
// CLI `github merge-results` command when all SARIF files are produced by
// CodeQL. Otherwise, it will fall back to combining the files in the action.
@@ -201,17 +219,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo
tempDir = config.tempDir;
}
else {
logger.info("Initializing CodeQL since the 'init' Action was not called before this step.");
const apiDetails = {
auth: actionsUtil.getRequiredInput("token"),
externalRepoAuth: actionsUtil.getOptionalInput("external-repository-token"),
url: (0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL"),
apiURL: (0, util_1.getRequiredEnvParam)("GITHUB_API_URL"),
};
const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(gitHubVersion.type);
const initCodeQLResult = await (0, init_1.initCodeQL)(undefined, // There is no tools input on the upload action
apiDetails, tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, features, logger);
codeQL = initCodeQLResult.codeql;
codeQL = await initCodeQLForUpload(gitHubVersion, features, tempDir, logger);
}
if (!(await codeQL.supportsFeature(tools_features_1.ToolsFeature.SarifMergeRunsFromEqualCategory))) {
await throwIfCombineSarifFilesDisabled(sarifObjects, gitHubVersion);