Merge pull request #13 from advanced-security/fix-script-reference

Fix script reference

Author: rvermeulen

.github/workflows/test-create-bundle.yml

@@ -7,12 +7,12 @@ jobs:
     name: "Create custom bundle"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
       - uses: advanced-security/codeql-bundle-action/download-bundle@v2
         id: download-bundle
         with:
           tag: "latest"
           platforms: "osx64,linux64,win64"
+      - uses: actions/checkout@v4
       - uses: advanced-security/codeql-bundle-action/create-bundle@v2
         id: create-bundle
         with:
@@ -22,7 +22,7 @@ jobs:
           default-code-scanning-config: "${{ github.workspace }}/tests/code-scanning-config.yml"
           platforms: "osx64,linux64,win64"
           debug: "true"
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: codeql-bundles
           path: ${{ steps.create-bundle.outputs.output-path }}

create-bundle/action.yml

@@ -39,8 +39,7 @@ runs:
         python -m pip install https://github.com/rvermeulen/codeql-bundle/releases/download/v0.2.0/codeql_bundle-0.2.0-py3-none-any.whl
         echo "::endgroup::"
       shell: bash
-    - run: create-bundle/create-bundle.sh
-      id: create-bundle
+    - id: create-bundle
       env:
         BUNDLE_PATH: ${{ inputs.bundle-path }}
         PACKS: ${{ inputs.packs }}
@@ -49,4 +48,40 @@ runs:
         PLATFORMS: ${{ inputs.platforms }}
         RUNNER_TEMP: ${{ runner.temp }}
         DEBUG: ${{ inputs.debug }}
-      shell: bash
+      shell: bash
+      run: |
+        #!/bin/bash
+
+        set -e
+
+        echo "::group::Creating CodeQL bundle."
+        echo "Using bundle at ${BUNDLE_PATH}."
+        echo "Using workspace at ${WORKSPACE}."
+        output_path=${RUNNER_TEMP}/codeql-bundle.tar.gz
+        opts=()
+        opts+=("--bundle" "${BUNDLE_PATH}")
+        opts+=("--workspace" "${WORKSPACE}")
+        if [[ -n ${PLATFORMS} ]]; then
+            echo "Targetting the platforms ${PLATFORMS}."
+            for platform in $(echo $PLATFORMS | tr ',' ' '); do
+            opts+=("--platform" "${platform}")
+            done
+            # When building multiple bundles, the output path is the directory containing the bundles
+            output_path=${RUNNER_TEMP}/bundles
+            mkdir -p ${output_path}
+        fi
+        opts+=("--output" "${output_path}")
+        if [[ -n ${DEFAULT_CODE_SCANNING_CONFIG} ]]; then
+            echo "Using code scanning config at ${DEFAULT_CODE_SCANNING_CONFIG} as the default config."
+            opts+=("--code-scanning-config" "${DEFAULT_CODE_SCANNING_CONFIG}")
+        fi
+
+        if [[ ${DEBUG} -eq "true" ]]; then
+            opts+=("--log DEBUG")
+        fi
+
+
+        codeql-bundle ${opts[@]} $(echo ${PACKS} | tr ',' ' ')
+        echo "::endgroup::"
+
+        echo "output-path=${output_path}" >> $GITHUB_OUTPUT

create-bundle/create-bundle.sh

@@ -20,11 +20,40 @@ outputs:
 runs:
   using: "composite"
   steps:
-    - run: download-bundle/download-bundle.sh
+    - id: download-bundle
       shell: bash
-      id: download-bundle
       env:
         TAG: ${{ inputs.tag }}
         PLATFORMS: ${{ inputs.platforms }}
         RUNNER_TEMP: ${{ runner.temp }}
-        GH_TOKEN: ${{ inputs.token }}
+        GH_TOKEN: ${{ inputs.token }}
+      run: |
+        #!/bin/bash
+
+        set -e
+
+        output_path=${RUNNER_TEMP}/codeql-bundle.tar.gz
+        platforms=()
+        if [[ -n ${PLATFORMS} ]]; then
+            for platform in $(echo $PLATFORMS | tr ',' ' '); do
+                platforms+=("${platform}")
+            done
+        fi
+
+        if [[ ${TAG} -ne "latest" ]]; then
+            opts+=("${TAG}")
+        fi
+
+        if [[ ${#platforms[@]} -eq 1 ]]; then
+            opts+=("--pattern codeql-bundle-${platforms[0]}.tar.gz")
+        else
+            opts+=("--pattern codeql-bundle.tar.gz")
+        fi
+
+        opts+=("--output ${output_path}")
+
+        echo "::group::Downloading CodeQL bundle"
+        gh release download --repo github/codeql-action ${opts[@]}
+        echo "::endgroup::"
+
+        echo "bundle-path=${output_path}" >> $GITHUB_OUTPUT