746f940d10
Merge remote-tracking branch 'origin/main' into mbg/csra/upload-failed-sarif-artifact
2026-03-09 18:32:36 +00:00
6123416ead
Merge remote-tracking branch 'origin/main' into henrymercer/parallel-unit-tests
2026-03-04 15:12:33 +01:00
e9e9733cb5
Merge branch 'main' into henrymercer/stub-actions-vars
2026-03-04 13:26:43 +01:00
675af55c60
Run some unit tests in parallel
2026-03-04 12:40:22 +01:00
281b265245
Address review comments
2026-03-04 12:16:54 +01:00
d4f1b14259
Use new setupActionsVars pattern
2026-03-03 19:24:18 +01:00
a05f541a6e
Record the job that published an overlay status
...
This makes it easier to find the job that produced the status.
2026-03-03 16:56:18 +01:00
e995ba3522
Add more tests/assertions
2026-02-27 12:52:54 +00:00
1e7e52a330
Add tests where upload should get skipped
2026-02-27 12:40:04 +00:00
383b86ddcb
Refactor some test setup code into mockRiskAssessmentEnv
2026-02-27 12:27:32 +00:00
ce97dfe405
Sanitise artifact name
2026-02-26 19:47:55 +00:00
003044eb84
Add test
2026-02-26 19:18:32 +00:00
56d1ccc87a
Change skipped reason message
2026-02-26 17:51:06 +00:00
0f3e632580
Rename secondary run to uploadFailureInfo
2026-02-26 17:47:32 +00:00
4191f52110
Address review comments
2026-02-19 17:57:08 +00:00
ef58c00dfe
Only store overlay status if analysis failed
2026-02-17 15:54:59 +00:00
6c405c2562
Be more explicit about attempt to build overlay DB
2026-02-17 15:54:57 +00:00
827bba691f
Introduce feature flags for saving and checking status
2026-02-17 15:54:57 +00:00
96961e0ee3
Save overlay status to Actions cache
2026-02-17 15:54:53 +00:00
db6938a4d0
Change check to be restrictive by default
2025-10-16 15:06:19 +01:00
c77b3fb96e
Skip failed SARIF upload if analysis-kinds: code-quality
2025-10-16 14:27:17 +01:00
2a54ab5016
Fix init-action-post-helper tests using broken Configs
2025-10-16 14:18:51 +01:00
7434149006
Upgrade Node.js version to 24.
...
This requires creating a new major-version (v4) of codeql-action.
2025-09-30 13:56:31 -05:00
136e8b7a95
Update sources of generated workflows
2025-08-12 10:21:02 +01:00
f8c2086872
Prefer providing CodeQL via dependency injection
2025-08-07 12:16:00 +01:00
02dfacf1c1
Fix linting errors
2025-01-15 13:57:55 +00:00
b296f2676c
Refactor: upload all available debug artifacts in init-post
...
Previously, we uploaded SARIF artifacts in the `analyze-post` step and database and log artifacts in the `init-post` step. As we migrate to the updated `artifact` dependencies, we want to switch to uploading all artifacts in one step.
In order to upload all artifacts in one go and maintain the artifacts at the root of the debug directory, we first move SARIF artifacts to the database directory. This should not affect any other consumers of the SARIF file as this occurs in the `init-post` step.
2024-09-11 15:09:29 -07:00
a1404425d9
Remove 2.12.6 from tests
2024-08-05 19:28:35 +01:00
0763ccfe11
Remove unneeded code for 2.13.4 and earlier
2024-08-05 17:48:55 +01:00
9679491cab
Avoid reloading features when uploading SARIF
2024-07-01 14:34:11 +02:00
6c2a71ced3
Remove redundant layer from upload files functions
2024-07-01 14:31:44 +02:00
1a60a91726
Remove support for CodeQL v2.12.5 and earlier
2024-04-09 12:29:14 +01:00
28b564f8c6
Add languages to the status report for all jobs
2024-02-26 19:03:28 +00:00
cc4fead714
update version in various hardcoded locations
2023-12-07 15:44:56 +00:00
04451e072f
Delete analysis after uploading
...
The analysis is purposefully failing. We don't want a failed analysis
sitting in the security center since this can cause some internal
checks to erroneously fail.
2023-11-10 13:26:01 -08:00
5e3a6935e7
Stub CodeQL version
2023-10-25 20:33:07 +01:00
d2b37ba145
Remove feature flag for uploading failed SARIF
2023-10-25 19:51:19 +01:00
e0103eab17
Use actions/checkout@v4
2023-09-28 20:30:31 +00:00
b16296be30
Auto-fix linting errors
2023-07-25 10:34:21 +02:00
56beae86dd
Remove feature flag for exporting the code scanning configuration flag
2023-07-05 16:26:20 +01:00
c8935d5a9d
Remove duplicate locations from failed run SARIF
2023-03-24 20:30:57 +00:00
a21bb7f968
Update upload input values and logic ( #1598 )
...
- The `upload` input to the `analyze` Action now accepts the following values:
- `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
- `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
- `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
- The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.
---------
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2023-03-23 17:23:25 +00:00
3cbd063679
Upload per-database diagnostic SARIFs on green and red runs ( #1556 )
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2023-03-20 21:09:04 +00:00
fc1366f6ec
Gate config export behind a feature flag
2023-03-09 16:44:45 +00:00
d98eadb536
Export configuration information for red runs
2023-03-07 21:21:47 +00:00
4789c1331c
Add more tests for uploading failed SARIF
...
Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.
2022-12-22 18:48:59 +00:00
3224214d91
Improve method naming
2022-12-22 18:33:06 +00:00
dc9c1c1a51
Add regression test for upload: false
2022-12-09 10:35:28 +00:00
384a214d60
Allow testing workflow parsing functionality from PR checks
2022-12-06 18:37:25 +00:00
697ed97fa5
Factor out some code in post-init tests
2022-12-06 18:23:55 +00:00
Michael B. Gale
Henry Mercer
Mario Campos
Angela P Wen
nickfyson
Andrew Eisenberg
David Leal