Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Submit SARIF for failed runs too #1393

Merged
merged 23 commits into from
Dec 2, 2022
Merged
Show file tree
Hide file tree
Changes from 21 commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
e233806
Add `diagnostics export` command
henrymercer Nov 9, 2022
44ae944
Add a workflow to test reporting a failed run
henrymercer Nov 22, 2022
9de6c31
Log matrix input
henrymercer Nov 22, 2022
4d4e250
Use a matrix in testing workflow
henrymercer Nov 22, 2022
3cf2a1b
Add function for retrieving the "upload" input
henrymercer Nov 23, 2022
3afc2b1
Add feature flag for uploading failed SARIF
henrymercer Nov 23, 2022
5296a76
Upload failed SARIF files to Code Scanning
henrymercer Nov 23, 2022
8337c2b
Only upload failed SARIF if the run failed
henrymercer Nov 25, 2022
122b180
Add an integration test for uploading SARIF when the run fails
henrymercer Nov 25, 2022
37b4358
Handle API versions that reject unsuccessful executions
henrymercer Nov 25, 2022
d0517be
Ensure we finish the log group when waiting for processing
henrymercer Nov 25, 2022
24fd4c0
Generate the "Submit SARIF after failure" workflow
henrymercer Nov 25, 2022
7fc3c60
Add changelog note
henrymercer Nov 25, 2022
e628ee0
Push unsuccessful execution API error detection into upload library
henrymercer Nov 29, 2022
00a3c45
Always wait for processing when uploading a failed SARIF file
henrymercer Nov 29, 2022
e0dec83
Explicitly mention surrounding by try/catch in JSDoc
henrymercer Nov 29, 2022
58b2ab0
Add unit test for typical workflow
henrymercer Nov 29, 2022
6c5cad7
Merge branch 'henrymercer/parse-category' into henrymercer/report-fai…
henrymercer Nov 29, 2022
3d90c4f
Improve error message when failed SARIF file doesn't process as expected
henrymercer Nov 30, 2022
77cda4d
Add testing environment to submit SARIF after failure PR check
henrymercer Nov 30, 2022
98b2ddc
Merge branch 'main' into henrymercer/report-failed-runs
henrymercer Dec 1, 2022
e0ff272
Merge branch 'main' into henrymercer/report-failed-runs
henrymercer Dec 2, 2022
375daca
Only print the full error message in debug mode
henrymercer Dec 2, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 72 additions & 0 deletions .github/workflows/__submit-sarif-failure.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## [UNRELEASED]

No user facing changes.
- Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. [#1393](https://github.com/github/codeql-action/pull/1393)

## 2.1.35 - 01 Dec 2022

Expand Down
2 changes: 2 additions & 0 deletions analyze/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ inputs:
upload:
description: Upload the SARIF file to Code Scanning
required: false
# If changing this, make sure to update workflow.ts accordingly.
default: "true"
cleanup-level:
description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
Expand Down Expand Up @@ -44,6 +45,7 @@ inputs:
checkout_path:
description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
required: false
# If changing this, make sure to update workflow.ts accordingly.
default: ${{ github.workspace }}
ref:
description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks."
Expand Down
8 changes: 4 additions & 4 deletions lib/actions-util.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/actions-util.js.map

Large diffs are not rendered by default.

4 changes: 3 additions & 1 deletion lib/analyze-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading