robojerk/codeql-action

Merge pull request #1374 from github/henrymercer/pass-testing-environment

Browse source 
Set testing environment for CodeQL workflow
This commit is contained in:
Henry Mercer 2022-11-16 18:05:00 +00:00 committed by GitHub
commit 0f07790b74
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
72 changed files with 56 additions and 277 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/check-codescanning-config/action.yml vendored
View file

@ -42,6 +42,8 @@ runs:
packs: ${{ inputs.packs }}
tools: ${{ inputs.tools }}
db-location: ${{ runner.temp }}/codescanning-config-cli-test
env:
CODEQL_ACTION_TEST_MODE: 'true'
- name: Install dependencies
shell: bash

4
.github/query-filter-test/action.yml vendored
View file

@ -35,14 +35,14 @@ runs:
tools: ${{ inputs.tools }}
db-location: ${{ runner.temp }}/query-filter-test
env:
TEST_MODE: "true"
CODEQL_ACTION_TEST_MODE: "true"
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
upload-database: false
upload: false
env:
TEST_MODE: "true"
CODEQL_ACTION_TEST_MODE: "true"
- name: Check SARIF
uses: ./../action/.github/check-sarif
with:

6
.github/workflows/__analyze-ref-input.yml generated vendored
View file

@ -83,8 +83,6 @@ jobs:
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{
github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -92,7 +90,5 @@ jobs:
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
env:
TEST_MODE: true
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__autobuild-action.yml generated vendored
View file

@ -46,8 +46,6 @@ jobs:
with:
languages: csharp
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
env:
# Explicitly disable the CLR tracer.
@ -58,8 +56,6 @@ jobs:
CORECLR_PROFILER: ''
CORECLR_PROFILER_PATH_64: ''
- uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -69,4 +65,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

4
.github/workflows/__export-file-baseline-information.yml generated vendored
View file

@ -49,7 +49,6 @@ jobs:
env:
CODEQL_FILE_BASELINE_INFORMATION: true
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -59,7 +58,6 @@ jobs:
env:
CODEQL_FILE_BASELINE_INFORMATION: true
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
TEST_MODE: true
- name: Upload SARIF
uses: actions/upload-artifact@v3
with:
@ -84,4 +82,4 @@ jobs:
fi
done
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

4
.github/workflows/__extractor-ram-threads.yml generated vendored
View file

@ -43,8 +43,6 @@ jobs:
languages: java
ram: 230
threads: 1
env:
TEST_MODE: true
- name: Assert Results
shell: bash
run: |
@ -65,4 +63,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__go-custom-queries.yml generated vendored
View file

@ -82,14 +82,10 @@ jobs:
languages: go
config-file: ./.github/codeql/custom-queries.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__go-tracing-autobuilder.yml generated vendored
View file

@ -69,12 +69,8 @@ jobs:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then
@ -89,4 +85,4 @@ jobs:
fi
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__go-tracing-custom-build-steps.yml generated vendored
View file

@ -69,14 +69,10 @@ jobs:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: go build main.go
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
# Once we start running Bash 4.2 in all environments, we can replace the
@ -93,4 +89,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__go-tracing-legacy-workflow.yml generated vendored
View file

@ -69,11 +69,7 @@ jobs:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
cd "$RUNNER_TEMP/codeql_databases"
@ -83,4 +79,4 @@ jobs:
fi
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

4
.github/workflows/__init-with-registries.yml generated vendored
View file

@ -54,8 +54,6 @@ jobs:
packages: "*/*"
token: "${{ secrets.GITHUB_TOKEN }}"
env:
TEST_MODE: true
- name: Verify packages installed
shell: bash
run: |
@ -78,4 +76,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

4
.github/workflows/__javascript-source-root.yml generated vendored
View file

@ -52,8 +52,6 @@ jobs:
languages: javascript
source-root: ../new-source-root
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
with:
skip-queries: true
@ -67,4 +65,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__ml-powered-queries.yml generated vendored
View file

@ -71,15 +71,11 @@ jobs:
queries: security-extended
source-root: ./../action/tests/ml-powered-queries-repo
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
upload-database: false
env:
TEST_MODE: true
- name: Upload SARIF
uses: actions/upload-artifact@v3
@ -137,4 +133,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__multi-language-autodetect.yml generated vendored
View file

@ -69,15 +69,11 @@ jobs:
with:
db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- shell: bash
run: |
CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}
@ -111,4 +107,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__packaging-codescanning-config-inputs-js.yml generated vendored
View file

@ -60,16 +60,12 @@ jobs:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif
@ -95,4 +91,4 @@ jobs:
env:
CODEQL_PASS_CONFIG_TO_CLI: true
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__packaging-config-inputs-js.yml generated vendored
View file

@ -60,16 +60,12 @@ jobs:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif
@ -93,4 +89,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__packaging-config-js.yml generated vendored
View file

@ -59,16 +59,12 @@ jobs:
config-file: .github/codeql/codeql-config-packaging.yml
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif
@ -92,4 +88,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__packaging-inputs-js.yml generated vendored
View file

@ -60,16 +60,12 @@ jobs:
languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2, dsp-testing/codeql-pack3:other-query.ql
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif
@ -93,4 +89,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__remote-config.yml generated vendored
View file

@ -83,13 +83,9 @@ jobs:
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{
github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

4
.github/workflows/__rubocop-multi-language.yml generated vendored
View file

@ -58,7 +58,5 @@ jobs:
- uses: ./../action/upload-sarif
with:
sarif_file: rubocop.sarif
env:
TEST_MODE: true
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__ruby-autodetect.yml generated vendored
View file

@ -51,12 +51,8 @@ jobs:
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -67,4 +63,4 @@ jobs:
fi
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES: 'true'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__ruby.yml generated vendored
View file

@ -52,12 +52,8 @@ jobs:
with:
languages: ruby
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -68,4 +64,4 @@ jobs:
fi
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES: 'true'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

8
.github/workflows/__split-workflow.yml generated vendored
View file

@ -54,8 +54,6 @@ jobs:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -63,8 +61,6 @@ jobs:
with:
skip-queries: true
output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Assert No Results
shell: bash
@ -77,8 +73,6 @@ jobs:
with:
output: ${{ runner.temp }}/results
upload-database: false
env:
TEST_MODE: true
- name: Assert Results
shell: bash
run: |
@ -94,4 +88,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__swift-autobuild.yml generated vendored
View file

@ -46,13 +46,9 @@ jobs:
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -63,4 +59,4 @@ jobs:
fi
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__swift-custom-build.yml generated vendored
View file

@ -52,15 +52,11 @@ jobs:
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -72,4 +68,4 @@ jobs:
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true'
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__test-autobuild-working-dir.yml generated vendored
View file

@ -49,14 +49,10 @@ jobs:
with:
languages: java
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
with:
working-directory: autobuild-dir
- uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |
@ -66,4 +62,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__test-local-codeql.yml generated vendored
View file

@ -47,13 +47,9 @@ jobs:
- uses: ./../action/init
with:
tools: ./codeql-bundle.tar.gz
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

6
.github/workflows/__test-proxy.yml generated vendored
View file

@ -42,14 +42,10 @@ jobs:
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
env:
TEST_MODE: true
env:
https_proxy: http://squid-proxy:3128
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true
container:
image: ubuntu:22.04
options: --dns 127.0.0.1

6
.github/workflows/__unset-environment.yml generated vendored
View file

@ -57,15 +57,11 @@ jobs:
with:
db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- shell: bash
run: |
CPP_DB="${{ fromJson(steps.analysis.outputs.db-locations).cpp }}"
@ -105,4 +101,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

8
.github/workflows/__upload-ref-sha-input.yml generated vendored
View file

@ -83,8 +83,6 @@ jobs:
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{
github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -93,13 +91,9 @@ jobs:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
env:
TEST_MODE: true
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

8
.github/workflows/__with-checkout-path.yml generated vendored
View file

@ -88,8 +88,6 @@ jobs:
languages: csharp,javascript
source-path: x/y/z/some-path/tests/multi-language-repo
debug: true
env:
TEST_MODE: true
- name: Build code (non-windows)
shell: bash
if: ${{ runner.os != 'Windows' }}
@ -106,16 +104,12 @@ jobs:
ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif
with:
ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
checkout_path: x/y/z/some-path/tests/multi-language-repo
env:
TEST_MODE: true
- name: Verify SARIF after upload
shell: bash
@ -146,4 +140,4 @@ jobs:
exit 1
fi
env:
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

3
.github/workflows/codeql.yml vendored
View file

@ -9,6 +9,9 @@ on:
# by other workflows.
types: [opened, synchronize, reopened, ready_for_review]
env:
CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks
jobs:
# Identify the CodeQL tool versions to use in the analysis job.
check-codeql-versions:

7
.github/workflows/debug-artifacts-failure.yml vendored
View file

@ -23,6 +23,8 @@ jobs:
os: [ubuntu-latest, macos-latest]
name: Upload debug artifacts after failure in analyze
continue-on-error: true
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
@ -44,8 +46,6 @@ jobs:
debug: true
debug-artifact-name: my-debug-artifacts
debug-database-name: my-db
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -54,8 +54,6 @@ jobs:
with:
expect-error: true
ram: 1
env:
TEST_MODE: true
download-and-check-artifacts:
name: Download and check debug artifacts after failure in analyze
needs: upload-artifacts
@ -91,4 +89,3 @@ jobs:
done
env:
GO111MODULE: auto
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

7
.github/workflows/debug-artifacts.yml vendored
View file

@ -45,6 +45,8 @@ jobs:
- os: macos-latest
version: nightly-latest
name: Upload debug artifacts
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
@ -64,15 +66,11 @@ jobs:
debug: true
debug-artifact-name: my-debug-artifacts
debug-database-name: my-db
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
download-and-check-artifacts:
name: Download and check debug artifacts
needs: upload-artifacts
@ -117,4 +115,3 @@ jobs:
done
env:
GO111MODULE: auto
INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

6
.github/workflows/expected-queries-runs.yml vendored
View file

@ -17,6 +17,8 @@ on:
jobs:
expected-queries:
name: Expected Queries Tests
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
@ -31,15 +33,11 @@ jobs:
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
upload-database: false
upload: false
env:
TEST_MODE: true
- name: Check Sarif
uses: ./../action/.github/check-sarif

3
.github/workflows/python-deps.yml vendored
View file

@ -148,6 +148,7 @@ jobs:
python_deps_type: pipenv
env:
CODEQL_ACTION_TEST_MODE: true
PYTHON_DEPS_TYPE: ${{ matrix.python_deps_type }}
PYTHON_VERSION: ${{ matrix.python_version }}
@ -165,8 +166,6 @@ jobs:
tools: latest
languages: python
setup-python-dependencies: false
env:
TEST_MODE: true
- name: Test Auto Package Installation
run: |

4
lib/shared-environment.js generated
View file

@ -1,6 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.CODEQL_ACTION_TESTING_ENVIRONMENT = exports.CODEQL_WORKFLOW_STARTED_AT = exports.ODASA_TRACER_CONFIGURATION = void 0;
exports.CODEQL_ACTION_TEST_MODE = exports.CODEQL_ACTION_TESTING_ENVIRONMENT = exports.CODEQL_WORKFLOW_STARTED_AT = exports.ODASA_TRACER_CONFIGURATION = void 0;
exports.ODASA_TRACER_CONFIGURATION = "ODASA_TRACER_CONFIGURATION";
// The time at which the first action (normally init) started executing.
// If a workflow invokes a different action without first invoking the init
@ -9,4 +9,6 @@ exports.ODASA_TRACER_CONFIGURATION = "ODASA_TRACER_CONFIGURATION";
// rather that the init action.
exports.CODEQL_WORKFLOW_STARTED_AT = "CODEQL_WORKFLOW_STARTED_AT";
exports.CODEQL_ACTION_TESTING_ENVIRONMENT = "CODEQL_ACTION_TESTING_ENVIRONMENT";
/** Used to disable uploading SARIF results or status reports to the GitHub API */
exports.CODEQL_ACTION_TEST_MODE = "CODEQL_ACTION_TEST_MODE";
//# sourceMappingURL=shared-environment.js.map

2
lib/shared-environment.js.map
View file

@ -1 +1 @@
{"version":3,"file":"shared-environment.js","sourceRoot":"","sources":["../src/shared-environment.ts"],"names":[],"mappings":";;;AAAa,QAAA,0BAA0B,GAAG,4BAA4B,CAAC;AACvE,wEAAwE;AACxE,2EAA2E;AAC3E,4EAA4E;AAC5E,2EAA2E;AAC3E,+BAA+B;AAClB,QAAA,0BAA0B,GAAG,4BAA4B,CAAC;AAE1D,QAAA,iCAAiC,GAC5C,mCAAmC,CAAC"}
{"version":3,"file":"shared-environment.js","sourceRoot":"","sources":["../src/shared-environment.ts"],"names":[],"mappings":";;;AAAa,QAAA,0BAA0B,GAAG,4BAA4B,CAAC;AACvE,wEAAwE;AACxE,2EAA2E;AAC3E,4EAA4E;AAC5E,2EAA2E;AAC3E,+BAA+B;AAClB,QAAA,0BAA0B,GAAG,4BAA4B,CAAC;AAE1D,QAAA,iCAAiC,GAC5C,mCAAmC,CAAC;AAEtC,kFAAkF;AACrE,QAAA,uBAAuB,GAAG,yBAAyB,CAAC"}

3
lib/util.js generated
View file

@ -37,6 +37,7 @@ const apiCompatibility = __importStar(require("./api-compatibility.json"));
const codeql_1 = require("./codeql");
const config_utils_1 = require("./config-utils");
const feature_flags_1 = require("./feature-flags");
const shared_environment_1 = require("./shared-environment");
/**
* Specifies bundle versions that are known to be broken
* and will not be used if found in the toolcache.
@ -557,7 +558,7 @@ exports.checkActionVersion = checkActionVersion;
* In test mode, we don't upload SARIF results or status reports to the GitHub API.
*/
function isInTestMode() {
return process.env["TEST_MODE"] === "true";
return process.env[shared_environment_1.CODEQL_ACTION_TEST_MODE] === "true";
}
exports.isInTestMode = isInTestMode;
/**

2
lib/util.js.map
View file

File diff suppressed because one or more lines are too long

4
pr-checks/checks/analyze-ref-input.yml
View file

@ -6,8 +6,6 @@ steps:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -15,5 +13,3 @@ steps:
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
env:
TEST_MODE: true

4
pr-checks/checks/autobuild-action.yml
View file

@ -6,8 +6,6 @@ steps:
with:
languages: csharp
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
env:
# Explicitly disable the CLR tracer.
@ -18,8 +16,6 @@ steps:
CORECLR_PROFILER: ""
CORECLR_PROFILER_PATH_64: ""
- uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

2
pr-checks/checks/export-file-baseline-information.yml
View file

@ -9,7 +9,6 @@ steps:
env:
CODEQL_FILE_BASELINE_INFORMATION: true
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -19,7 +18,6 @@ steps:
env:
CODEQL_FILE_BASELINE_INFORMATION: true
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
TEST_MODE: true
- name: Upload SARIF
uses: actions/upload-artifact@v3
with:

2
pr-checks/checks/extractor-ram-threads.yml
View file

@ -8,8 +8,6 @@ steps:
languages: java
ram: 230
threads: 1
env:
TEST_MODE: true
- name: Assert Results
shell: bash
run: |

4
pr-checks/checks/go-custom-queries.yml
View file

@ -8,11 +8,7 @@ steps:
languages: go
config-file: ./.github/codeql/custom-queries.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true

4
pr-checks/checks/go-tracing-autobuilder.yml
View file

@ -8,12 +8,8 @@ steps:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then

4
pr-checks/checks/go-tracing-custom-build-steps.yml
View file

@ -6,14 +6,10 @@ steps:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: go build main.go
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
# Once we start running Bash 4.2 in all environments, we can replace the

4
pr-checks/checks/go-tracing-legacy-workflow.yml
View file

@ -8,11 +8,7 @@ steps:
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
env:
TEST_MODE: true
- shell: bash
run: |
cd "$RUNNER_TEMP/codeql_databases"

2
pr-checks/checks/init-with-registries.yml
View file

@ -19,8 +19,6 @@ steps:
packages: "*/*"
token: "${{ secrets.GITHUB_TOKEN }}"
env:
TEST_MODE: true
- name: Verify packages installed
shell: bash
run: |

2
pr-checks/checks/javascript-source-root.yml
View file

@ -13,8 +13,6 @@ steps:
languages: javascript
source-root: ../new-source-root
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
with:
skip-queries: true

4
pr-checks/checks/ml-powered-queries.yml
View file

@ -14,15 +14,11 @@ steps:
queries: security-extended
source-root: ./../action/tests/ml-powered-queries-repo
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
with:
output: "${{ runner.temp }}/results"
upload-database: false
env:
TEST_MODE: true
- name: Upload SARIF
uses: actions/upload-artifact@v3

4
pr-checks/checks/multi-language-autodetect.yml
View file

@ -6,15 +6,11 @@ steps:
with:
db-location: "${{ runner.temp }}/customDbLocation"
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- shell: bash
run: |
CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}

4
pr-checks/checks/packaging-codescanning-config-inputs-js.yml
View file

@ -12,16 +12,12 @@ steps:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: "${{ runner.temp }}/results"
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif

4
pr-checks/checks/packaging-config-inputs-js.yml
View file

@ -8,16 +8,12 @@ steps:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: "${{ runner.temp }}/results"
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif

4
pr-checks/checks/packaging-config-js.yml
View file

@ -7,16 +7,12 @@ steps:
config-file: ".github/codeql/codeql-config-packaging.yml"
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: "${{ runner.temp }}/results"
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif

4
pr-checks/checks/packaging-inputs-js.yml
View file

@ -8,16 +8,12 @@ steps:
languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2, dsp-testing/codeql-pack3:other-query.ql
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: "${{ runner.temp }}/results"
env:
TEST_MODE: true
- name: Check results
uses: ./../action/.github/check-sarif

4
pr-checks/checks/remote-config.yml
View file

@ -6,11 +6,7 @@ steps:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true

2
pr-checks/checks/rubocop-multi-language.yml
View file

@ -24,5 +24,3 @@ steps:
- uses: ./../action/upload-sarif
with:
sarif_file: rubocop.sarif
env:
TEST_MODE: true

4
pr-checks/checks/ruby-autodetect.yml
View file

@ -10,12 +10,8 @@ steps:
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

4
pr-checks/checks/ruby.yml
View file

@ -9,12 +9,8 @@ steps:
with:
languages: ruby
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

6
pr-checks/checks/split-workflow.yml
View file

@ -9,8 +9,6 @@ steps:
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -18,8 +16,6 @@ steps:
with:
skip-queries: true
output: "${{ runner.temp }}/results"
env:
TEST_MODE: true
- name: Assert No Results
shell: bash
@ -32,8 +28,6 @@ steps:
with:
output: "${{ runner.temp }}/results"
upload-database: false
env:
TEST_MODE: true
- name: Assert Results
shell: bash
run: |

4
pr-checks/checks/swift-autobuild.yml
View file

@ -10,13 +10,9 @@ steps:
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

4
pr-checks/checks/swift-custom-build.yml
View file

@ -10,15 +10,11 @@ steps:
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

4
pr-checks/checks/test-autobuild-working-dir.yml
View file

@ -14,14 +14,10 @@ steps:
with:
languages: java
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/autobuild
with:
working-directory: autobuild-dir
- uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database
shell: bash
run: |

4
pr-checks/checks/test-local-codeql.yml
View file

@ -12,11 +12,7 @@ steps:
- uses: ./../action/init
with:
tools: ./codeql-bundle.tar.gz
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
env:
TEST_MODE: true

4
pr-checks/checks/test-proxy.yml
View file

@ -17,8 +17,4 @@ steps:
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- uses: ./../action/analyze
env:
TEST_MODE: true

4
pr-checks/checks/unset-environment.yml
View file

@ -6,15 +6,11 @@ steps:
with:
db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
- uses: ./../action/analyze
id: analysis
env:
TEST_MODE: true
- shell: bash
run: |
CPP_DB="${{ fromJson(steps.analysis.outputs.db-locations).cpp }}"

6
pr-checks/checks/upload-ref-sha-input.yml
View file

@ -6,8 +6,6 @@ steps:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: cpp,csharp,java,javascript,python
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
env:
TEST_MODE: true
- name: Build code
shell: bash
run: ./build.sh
@ -16,11 +14,7 @@ steps:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
env:
TEST_MODE: true

6
pr-checks/checks/with-checkout-path.yml
View file

@ -14,8 +14,6 @@ steps:
languages: csharp,javascript
source-path: x/y/z/some-path/tests/multi-language-repo
debug: true
env:
TEST_MODE: true
- name: Build code (non-windows)
shell: bash
if: ${{ runner.os != 'Windows' }}
@ -32,16 +30,12 @@ steps:
ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif
with:
ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
checkout_path: x/y/z/some-path/tests/multi-language-repo
env:
TEST_MODE: true
- name: Verify SARIF after upload
shell: bash

2
pr-checks/sync.py
View file

@ -115,7 +115,7 @@ for file in os.listdir('checks'):
checkJob[key] = checkSpecification[key]
checkJob['env'] = checkJob.get('env', {})
checkJob['env']['INTERNAL_CODEQL_ACTION_DEBUG_LOC'] = True
checkJob['env']['CODEQL_ACTION_TEST_MODE'] = True
checkName = file[:len(file) - 4]
with open(f"../.github/workflows/__{checkName}.yml", 'w') as output_stream:

3
src/shared-environment.ts
View file

@ -8,3 +8,6 @@ export const CODEQL_WORKFLOW_STARTED_AT = "CODEQL_WORKFLOW_STARTED_AT";
export const CODEQL_ACTION_TESTING_ENVIRONMENT =
"CODEQL_ACTION_TESTING_ENVIRONMENT";
/** Used to disable uploading SARIF results or status reports to the GitHub API */
export const CODEQL_ACTION_TEST_MODE = "CODEQL_ACTION_TEST_MODE";

3
src/util.ts
View file

@ -20,6 +20,7 @@ import {
import { Feature, FeatureEnablement } from "./feature-flags";
import { Language } from "./languages";
import { Logger } from "./logging";
import { CODEQL_ACTION_TEST_MODE } from "./shared-environment";
/**
* Specifies bundle versions that are known to be broken
@ -664,7 +665,7 @@ export async function checkActionVersion(version: string) {
* In test mode, we don't upload SARIF results or status reports to the GitHub API.
*/
export function isInTestMode(): boolean {
return process.env["TEST_MODE"] === "true";
return process.env[CODEQL_ACTION_TEST_MODE] === "true";
}
/**