Merge pull request #1390 from github/henrymercer/remove-dead-code

Remove some dead code

lib/analyze-action.js

@@ -170,7 +170,7 @@ async function run() {
         }
         core.setOutput("db-locations", dbLocations);
         if (runStats && actionsUtil.getRequiredInput("upload") === "true") {
-            uploadResult = await upload_lib.uploadFromActions(outputDir, config.gitHubVersion, logger);
+            uploadResult = await upload_lib.uploadFromActions(outputDir, logger);
             core.setOutput("sarif-id", uploadResult.sarifID);
         }
         else {

lib/codeql.js

@@ -120,20 +120,14 @@ function getCodeQLBundleName() {
     return `codeql-bundle-${platform}.tar.gz`;
 }
 function getCodeQLActionRepository(logger) {
-    if (process.env["GITHUB_ACTION_REPOSITORY"] !== undefined) {
-        return process.env["GITHUB_ACTION_REPOSITORY"];
-    }
-    // The Actions Runner used with GitHub Enterprise Server 2.22 did not set the GITHUB_ACTION_REPOSITORY variable.
-    // This fallback logic can be removed after the end-of-support for 2.22 on 2021-09-23.
     if ((0, actions_util_1.isRunningLocalAction)()) {
         // This handles the case where the Action does not come from an Action repository,
         // e.g. our integration tests which use the Action code from the current checkout.
+        // In these cases, the GITHUB_ACTION_REPOSITORY environment variable is not set.
         logger.info("The CodeQL Action is checked out locally. Using the default CodeQL Action repository.");
         return exports.CODEQL_DEFAULT_ACTION_REPOSITORY;
     }
-    logger.info("GITHUB_ACTION_REPOSITORY environment variable was not set. Falling back to legacy method of finding the GitHub Action.");
+    return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
-    const relativeScriptPathParts = (0, actions_util_1.getRelativeScriptPath)().split(path.sep);
-    return `${relativeScriptPathParts[0]}/${relativeScriptPathParts[1]}`;
 }
 exports.getCodeQLActionRepository = getCodeQLActionRepository;
 async function getCodeQLBundleDownloadURL(apiDetails, variant, logger) {

lib/codeql.test.js

@@ -32,6 +32,7 @@ const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));
 const nock_1 = __importDefault(require("nock"));
 const sinon = __importStar(require("sinon"));
+const actionsUtil = __importStar(require("./actions-util"));
 const codeql = __importStar(require("./codeql"));
 const defaults = __importStar(require("./defaults.json"));
 const feature_flags_1 = require("./feature-flags");
@@ -297,6 +298,8 @@ for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCAC
     process.env["RUNNER_TEMP"] = path.dirname(__dirname);
     const repoLocalRunner = codeql.getCodeQLActionRepository(logger);
     t.deepEqual(repoLocalRunner, "github/codeql-action");
+    // isRunningLocalAction() === false
+    sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
     process.env["GITHUB_ACTION_REPOSITORY"] = "xxx/yyy";
     const repoEnv = codeql.getCodeQLActionRepository(logger);
     t.deepEqual(repoEnv, "xxx/yyy");

lib/upload-lib.js

@@ -30,7 +30,6 @@ const zlib_1 = __importDefault(require("zlib"));
 const core = __importStar(require("@actions/core"));
 const file_url_1 = __importDefault(require("file-url"));
 const jsonschema = __importStar(require("jsonschema"));
-const semver = __importStar(require("semver"));
 const actionsUtil = __importStar(require("./actions-util"));
 const api = __importStar(require("./api-client"));
 const fingerprints = __importStar(require("./fingerprints"));
@@ -129,8 +128,8 @@ exports.findSarifFilesInDir = findSarifFilesInDir;
 // Uploads a single sarif file or a directory of sarif files
 // depending on what the path happens to refer to.
 // Returns true iff the upload occurred and succeeded
-async function uploadFromActions(sarifPath, gitHubVersion, logger) {
+async function uploadFromActions(sarifPath, logger) {
-    return await uploadFiles(getSarifFilePaths(sarifPath), (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(actionsUtil.getRequiredInput("checkout_path")), await actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getOptionalInput("category"), util.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), gitHubVersion, logger);
+    return await uploadFiles(getSarifFilePaths(sarifPath), (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(actionsUtil.getRequiredInput("checkout_path")), await actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getOptionalInput("category"), util.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), logger);
 }
 exports.uploadFromActions = uploadFromActions;
 function getSarifFilePaths(sarifPath) {
@@ -193,7 +192,7 @@ function validateSarifFileSchema(sarifFilePath, logger) {
 exports.validateSarifFileSchema = validateSarifFileSchema;
 // buildPayload constructs a map ready to be uploaded to the API from the given
 // parameters, respecting the current mode and target GitHub instance version.
-function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, gitHubVersion, mergeBaseCommitOid) {
+function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, mergeBaseCommitOid) {
     const payloadObj = {
         commit_oid: commitOid,
         ref,
@@ -208,26 +207,22 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
         base_ref: undefined,
         base_sha: undefined,
     };
-    // This behaviour can be made the default when support for GHES 3.0 is discontinued.
+    if (actionsUtil.workflowEventName() === "pull_request") {
-    if (gitHubVersion.type !== util.GitHubVariant.GHES ||
+        if (commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
-        semver.satisfies(gitHubVersion.version, `>=3.1`)) {
+            mergeBaseCommitOid) {
-        if (actionsUtil.workflowEventName() === "pull_request") {
+            // We're uploading results for the merge commit
-            if (commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
+            // and were able to determine the merge base.
-                mergeBaseCommitOid) {
+            // So we use that as the most accurate base.
-                // We're uploading results for the merge commit
+            payloadObj.base_ref = `refs/heads/${util.getRequiredEnvParam("GITHUB_BASE_REF")}`;
-                // and were able to determine the merge base.
+            payloadObj.base_sha = mergeBaseCommitOid;
-                // So we use that as the most accurate base.
+        }
-                payloadObj.base_ref = `refs/heads/${util.getRequiredEnvParam("GITHUB_BASE_REF")}`;
+        else if (process.env.GITHUB_EVENT_PATH) {
-                payloadObj.base_sha = mergeBaseCommitOid;
+            // Either we're not uploading results for the merge commit
-            }
+            // or we could not determine the merge base.
-            else if (process.env.GITHUB_EVENT_PATH) {
+            // Using the PR base is the only option here
-                // Either we're not uploading results for the merge commit
+            const githubEvent = JSON.parse(fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8"));
-                // or we could not determine the merge base.
+            payloadObj.base_ref = `refs/heads/${githubEvent.pull_request.base.ref}`;
-                // Using the PR base is the only option here
+            payloadObj.base_sha = githubEvent.pull_request.base.sha;
-                const githubEvent = JSON.parse(fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8"));
-                payloadObj.base_ref = `refs/heads/${githubEvent.pull_request.base.ref}`;
-                payloadObj.base_sha = githubEvent.pull_request.base.sha;
-            }
         }
     }
     return payloadObj;
@@ -235,7 +230,7 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
 exports.buildPayload = buildPayload;
 // Uploads the given set of sarif files.
 // Returns true iff the upload occurred and succeeded
-async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, category, analysisName, workflowRunID, sourceRoot, environment, gitHubVersion, logger) {
+async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, category, analysisName, workflowRunID, sourceRoot, environment, logger) {
     logger.startGroup("Uploading results");
     logger.info(`Processing sarif files: ${JSON.stringify(sarifFiles)}`);
     // Validate that the files we were asked to upload are all valid SARIF files
@@ -252,7 +247,7 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
     const sarifPayload = JSON.stringify(sarif);
     const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
     const checkoutURI = (0, file_url_1.default)(sourceRoot);
-    const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, gitHubVersion, await actionsUtil.determineMergeBaseCommitOid());
+    const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid());
     // Log some useful debug info about the info
     const rawUploadSizeBytes = sarifPayload.length;
     logger.debug(`Raw upload size: ${rawUploadSizeBytes} bytes`);

lib/upload-lib.test.js

@@ -42,45 +42,24 @@ ava_1.default.beforeEach(() => {
     const inputFile = `${__dirname}/../src/testdata/invalid-sarif.sarif`;
     t.throws(() => uploadLib.validateSarifFileSchema(inputFile, (0, logging_1.getRunnerLogger)(true)));
 });
-(0, ava_1.default)("validate correct payload used per version", async (t) => {
+(0, ava_1.default)("validate correct payload used for push, PR merge commit, and PR head", async (t) => {
-    const newVersions = [
-        { type: util_1.GitHubVariant.DOTCOM },
-        { type: util_1.GitHubVariant.GHES, version: "3.1.0" },
-    ];
-    const oldVersions = [
-        { type: util_1.GitHubVariant.GHES, version: "2.22.1" },
-        { type: util_1.GitHubVariant.GHES, version: "3.0.0" },
-    ];
-    const allVersions = newVersions.concat(oldVersions);
     process.env["GITHUB_EVENT_NAME"] = "push";
-    for (const version of allVersions) {
+    const pushPayload = uploadLib.buildPayload("commit", "refs/heads/master", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], "mergeBaseCommit");
-        const payload = uploadLib.buildPayload("commit", "refs/heads/master", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], version, "mergeBaseCommit");
+    // Not triggered by a pull request
-        // Not triggered by a pull request
+    t.falsy(pushPayload.base_ref);
-        t.falsy(payload.base_ref);
+    t.falsy(pushPayload.base_sha);
-        t.falsy(payload.base_sha);
-    }
     process.env["GITHUB_EVENT_NAME"] = "pull_request";
     process.env["GITHUB_SHA"] = "commit";
     process.env["GITHUB_BASE_REF"] = "master";
     process.env["GITHUB_EVENT_PATH"] = `${__dirname}/../src/testdata/pull_request.json`;
-    for (const version of newVersions) {
+    const prMergePayload = uploadLib.buildPayload("commit", "refs/pull/123/merge", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], "mergeBaseCommit");
-        const payload = uploadLib.buildPayload("commit", "refs/pull/123/merge", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], version, "mergeBaseCommit");
+    // Uploads for a merge commit use the merge base
-        // Uploads for a merge commit use the merge base
+    t.deepEqual(prMergePayload.base_ref, "refs/heads/master");
-        t.deepEqual(payload.base_ref, "refs/heads/master");
+    t.deepEqual(prMergePayload.base_sha, "mergeBaseCommit");
-        t.deepEqual(payload.base_sha, "mergeBaseCommit");
+    const prHeadPayload = uploadLib.buildPayload("headCommit", "refs/pull/123/head", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], "mergeBaseCommit");
-    }
+    // Uploads for the head use the PR base
-    for (const version of newVersions) {
+    t.deepEqual(prHeadPayload.base_ref, "refs/heads/master");
-        const payload = uploadLib.buildPayload("headCommit", "refs/pull/123/head", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], version, "mergeBaseCommit");
+    t.deepEqual(prHeadPayload.base_sha, "f95f852bd8fca8fcc58a9a2d6c842781e32a215e");
-        // Uploads for the head use the PR base
-        t.deepEqual(payload.base_ref, "refs/heads/master");
-        t.deepEqual(payload.base_sha, "f95f852bd8fca8fcc58a9a2d6c842781e32a215e");
-    }
-    for (const version of oldVersions) {
-        const payload = uploadLib.buildPayload("commit", "refs/pull/123/merge", "key", undefined, "", undefined, "/opt/src", undefined, ["CodeQL", "eslint"], version, "mergeBaseCommit");
-        // These older versions won't expect these values
-        t.falsy(payload.base_ref);
-        t.falsy(payload.base_sha);
-    }
 });
 (0, ava_1.default)("finding SARIF files", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {

lib/upload-sarif-action.js

@@ -21,7 +21,6 @@ var __importStar = (this && this.__importStar) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
-const api_client_1 = require("./api-client");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
 const upload_lib = __importStar(require("./upload-lib"));
@@ -44,8 +43,7 @@ async function run() {
         return;
     }
     try {
-        const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
+        const uploadResult = await upload_lib.uploadFromActions(actionsUtil.getRequiredInput("sarif_file"), (0, logging_1.getActionsLogger)());
-        const uploadResult = await upload_lib.uploadFromActions(actionsUtil.getRequiredInput("sarif_file"), gitHubVersion, (0, logging_1.getActionsLogger)());
         core.setOutput("sarif-id", uploadResult.sarifID);
         // We don't upload results in test mode, so don't wait for processing
         if ((0, util_1.isInTestMode)()) {

lib/upload-sarif-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,6CAAgD;AAChD,uCAA6C;AAC7C,6CAAkD;AAClD,yDAA2C;AAC3C,iCAKgB;AAEhB,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAMvC,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAA,4BAAqB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,IAAA,yBAAkB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACtC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,UAAU,EACV,SAAS,CACV,CACF,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAE/C,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,iBAAiB,CACrD,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,aAAa,EACb,IAAA,0BAAgB,GAAE,CACnB,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;QAEjD,qEAAqE;QACrE,IAAI,IAAA,mBAAY,GAAE,EAAE;YAClB,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;SACjE;aAAM,IAAI,WAAW,CAAC,gBAAgB,CAAC,qBAAqB,CAAC,KAAK,MAAM,EAAE;YACzE,MAAM,UAAU,CAAC,iBAAiB,CAChC,IAAA,+BAAkB,EAAC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,EAC5D,YAAY,CAAC,OAAO,EACpB,IAAA,0BAAgB,GAAE,CACnB,CAAC;SACH;QACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,YAAY,CAAC,YAAY,CAAC,CAAC;KACrE;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,MAAM,KAAK,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,EACnC,SAAS,EACT,OAAO,EACP,KAAK,CACN,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,uCAA6C;AAC7C,6CAAkD;AAClD,yDAA2C;AAC3C,iCAKgB;AAEhB,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAMvC,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAA,4BAAqB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,IAAA,yBAAkB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACtC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,UAAU,EACV,SAAS,CACV,CACF,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,iBAAiB,CACrD,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,IAAA,0BAAgB,GAAE,CACnB,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;QAEjD,qEAAqE;QACrE,IAAI,IAAA,mBAAY,GAAE,EAAE;YAClB,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;SACjE;aAAM,IAAI,WAAW,CAAC,gBAAgB,CAAC,qBAAqB,CAAC,KAAK,MAAM,EAAE;YACzE,MAAM,UAAU,CAAC,iBAAiB,CAChC,IAAA,+BAAkB,EAAC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,EAC5D,YAAY,CAAC,OAAO,EACpB,IAAA,0BAAgB,GAAE,CACnB,CAAC;SACH;QACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,YAAY,CAAC,YAAY,CAAC,CAAC;KACrE;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,MAAM,KAAK,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,EACnC,SAAS,EACT,OAAO,EACP,KAAK,CACN,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

src/analyze-action.ts

@@ -262,11 +262,7 @@ async function run() {
     core.setOutput("db-locations", dbLocations);
 
     if (runStats && actionsUtil.getRequiredInput("upload") === "true") {
-      uploadResult = await upload_lib.uploadFromActions(
+      uploadResult = await upload_lib.uploadFromActions(outputDir, logger);
-        outputDir,
-        config.gitHubVersion,
-        logger
-      );
       core.setOutput("sarif-id", uploadResult.sarifID);
     } else {
       logger.info("Not uploading results");

src/codeql.test.ts

@@ -9,6 +9,7 @@ import * as yaml from "js-yaml";
 import nock from "nock";
 import * as sinon from "sinon";
 
+import * as actionsUtil from "./actions-util";
 import { GitHubApiDetails } from "./api-client";
 import * as codeql from "./codeql";
 import { AugmentationProperties, Config } from "./config-utils";
@@ -432,6 +433,8 @@ test("getCodeQLActionRepository", (t) => {
   const repoLocalRunner = codeql.getCodeQLActionRepository(logger);
   t.deepEqual(repoLocalRunner, "github/codeql-action");
 
+  // isRunningLocalAction() === false
+  sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
   process.env["GITHUB_ACTION_REPOSITORY"] = "xxx/yyy";
   const repoEnv = codeql.getCodeQLActionRepository(logger);
   t.deepEqual(repoEnv, "xxx/yyy");

src/codeql.ts

@@ -10,7 +10,7 @@ import { default as queryString } from "query-string";
 import * as semver from "semver";
 import { v4 as uuidV4 } from "uuid";
 
-import { getRelativeScriptPath, isRunningLocalAction } from "./actions-util";
+import { isRunningLocalAction } from "./actions-util";
 import * as api from "./api-client";
 import { Config } from "./config-utils";
 import * as defaults from "./defaults.json"; // Referenced from codeql-action-sync-tool!
@@ -296,26 +296,17 @@ function getCodeQLBundleName(): string {
 }
 
 export function getCodeQLActionRepository(logger: Logger): string {
-  if (process.env["GITHUB_ACTION_REPOSITORY"] !== undefined) {
-    return process.env["GITHUB_ACTION_REPOSITORY"];
-  }
-
-  // The Actions Runner used with GitHub Enterprise Server 2.22 did not set the GITHUB_ACTION_REPOSITORY variable.
-  // This fallback logic can be removed after the end-of-support for 2.22 on 2021-09-23.
-
   if (isRunningLocalAction()) {
     // This handles the case where the Action does not come from an Action repository,
     // e.g. our integration tests which use the Action code from the current checkout.
+    // In these cases, the GITHUB_ACTION_REPOSITORY environment variable is not set.
     logger.info(
       "The CodeQL Action is checked out locally. Using the default CodeQL Action repository."
     );
     return CODEQL_DEFAULT_ACTION_REPOSITORY;
   }
-  logger.info(
+
-    "GITHUB_ACTION_REPOSITORY environment variable was not set. Falling back to legacy method of finding the GitHub Action."
+  return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
-  );
-  const relativeScriptPathParts = getRelativeScriptPath().split(path.sep);
-  return `${relativeScriptPathParts[0]}/${relativeScriptPathParts[1]}`;
 }
 
 async function getCodeQLBundleDownloadURL(

src/upload-lib.test.ts

@@ -7,13 +7,7 @@ import { getRunnerLogger, Logger } from "./logging";
 import { setupTests } from "./testing-utils";
 import * as uploadLib from "./upload-lib";
 import { pruneInvalidResults } from "./upload-lib";
-import {
+import { initializeEnvironment, SarifFile, withTmpDir } from "./util";
-  GitHubVariant,
-  GitHubVersion,
-  initializeEnvironment,
-  SarifFile,
-  withTmpDir,
-} from "./util";
 
 setupTests(test);
 
@@ -35,36 +29,23 @@ test("validateSarifFileSchema - invalid", (t) => {
   );
 });
 
-test("validate correct payload used per version", async (t) => {
+test("validate correct payload used for push, PR merge commit, and PR head", async (t) => {
-  const newVersions: GitHubVersion[] = [
-    { type: GitHubVariant.DOTCOM },
-    { type: GitHubVariant.GHES, version: "3.1.0" },
-  ];
-  const oldVersions: GitHubVersion[] = [
-    { type: GitHubVariant.GHES, version: "2.22.1" },
-    { type: GitHubVariant.GHES, version: "3.0.0" },
-  ];
-  const allVersions = newVersions.concat(oldVersions);
-
   process.env["GITHUB_EVENT_NAME"] = "push";
-  for (const version of allVersions) {
+  const pushPayload: any = uploadLib.buildPayload(
-    const payload: any = uploadLib.buildPayload(
+    "commit",
-      "commit",
+    "refs/heads/master",
-      "refs/heads/master",
+    "key",
-      "key",
+    undefined,
-      undefined,
+    "",
-      "",
+    undefined,
-      undefined,
+    "/opt/src",
-      "/opt/src",
+    undefined,
-      undefined,
+    ["CodeQL", "eslint"],
-      ["CodeQL", "eslint"],
+    "mergeBaseCommit"
-      version,
+  );
-      "mergeBaseCommit"
+  // Not triggered by a pull request
-    );
+  t.falsy(pushPayload.base_ref);
-    // Not triggered by a pull request
+  t.falsy(pushPayload.base_sha);
-    t.falsy(payload.base_ref);
-    t.falsy(payload.base_sha);
-  }
 
   process.env["GITHUB_EVENT_NAME"] = "pull_request";
   process.env["GITHUB_SHA"] = "commit";
@@ -72,62 +53,40 @@ test("validate correct payload used per version", async (t) => {
   process.env[
     "GITHUB_EVENT_PATH"
   ] = `${__dirname}/../src/testdata/pull_request.json`;
-  for (const version of newVersions) {
+  const prMergePayload: any = uploadLib.buildPayload(
-    const payload: any = uploadLib.buildPayload(
+    "commit",
-      "commit",
+    "refs/pull/123/merge",
-      "refs/pull/123/merge",
+    "key",
-      "key",
+    undefined,
-      undefined,
+    "",
-      "",
+    undefined,
-      undefined,
+    "/opt/src",
-      "/opt/src",
+    undefined,
-      undefined,
+    ["CodeQL", "eslint"],
-      ["CodeQL", "eslint"],
+    "mergeBaseCommit"
-      version,
+  );
-      "mergeBaseCommit"
+  // Uploads for a merge commit use the merge base
-    );
+  t.deepEqual(prMergePayload.base_ref, "refs/heads/master");
-    // Uploads for a merge commit use the merge base
+  t.deepEqual(prMergePayload.base_sha, "mergeBaseCommit");
-    t.deepEqual(payload.base_ref, "refs/heads/master");
-    t.deepEqual(payload.base_sha, "mergeBaseCommit");
-  }
 
-  for (const version of newVersions) {
+  const prHeadPayload: any = uploadLib.buildPayload(
-    const payload: any = uploadLib.buildPayload(
+    "headCommit",
-      "headCommit",
+    "refs/pull/123/head",
-      "refs/pull/123/head",
+    "key",
-      "key",
+    undefined,
-      undefined,
+    "",
-      "",
+    undefined,
-      undefined,
+    "/opt/src",
-      "/opt/src",
+    undefined,
-      undefined,
+    ["CodeQL", "eslint"],
-      ["CodeQL", "eslint"],
+    "mergeBaseCommit"
-      version,
+  );
-      "mergeBaseCommit"
+  // Uploads for the head use the PR base
-    );
+  t.deepEqual(prHeadPayload.base_ref, "refs/heads/master");
-    // Uploads for the head use the PR base
+  t.deepEqual(
-    t.deepEqual(payload.base_ref, "refs/heads/master");
+    prHeadPayload.base_sha,
-    t.deepEqual(payload.base_sha, "f95f852bd8fca8fcc58a9a2d6c842781e32a215e");
+    "f95f852bd8fca8fcc58a9a2d6c842781e32a215e"
-  }
+  );
-
-  for (const version of oldVersions) {
-    const payload: any = uploadLib.buildPayload(
-      "commit",
-      "refs/pull/123/merge",
-      "key",
-      undefined,
-      "",
-      undefined,
-      "/opt/src",
-      undefined,
-      ["CodeQL", "eslint"],
-      version,
-      "mergeBaseCommit"
-    );
-    // These older versions won't expect these values
-    t.falsy(payload.base_ref);
-    t.falsy(payload.base_sha);
-  }
 });
 
 test("finding SARIF files", async (t) => {

src/upload-lib.ts

@@ -7,7 +7,6 @@ import * as core from "@actions/core";
 import { OctokitResponse } from "@octokit/types";
 import fileUrl from "file-url";
 import * as jsonschema from "jsonschema";
-import * as semver from "semver";
 
 import * as actionsUtil from "./actions-util";
 import * as api from "./api-client";
@@ -161,7 +160,6 @@ export function findSarifFilesInDir(sarifPath: string): string[] {
 // Returns true iff the upload occurred and succeeded
 export async function uploadFromActions(
   sarifPath: string,
-  gitHubVersion: util.GitHubVersion,
   logger: Logger
 ): Promise<UploadResult> {
   return await uploadFiles(
@@ -177,7 +175,6 @@ export async function uploadFromActions(
     actionsUtil.getWorkflowRunID(),
     actionsUtil.getRequiredInput("checkout_path"),
     actionsUtil.getRequiredInput("matrix"),
-    gitHubVersion,
     logger
   );
 }
@@ -263,7 +260,6 @@ export function buildPayload(
   checkoutURI: string,
   environment: string | undefined,
   toolNames: string[],
-  gitHubVersion: util.GitHubVersion,
   mergeBaseCommitOid: string | undefined
 ) {
   const payloadObj = {
@@ -281,33 +277,27 @@ export function buildPayload(
     base_sha: undefined as undefined | string,
   };
 
-  // This behaviour can be made the default when support for GHES 3.0 is discontinued.
+  if (actionsUtil.workflowEventName() === "pull_request") {
-  if (
+    if (
-    gitHubVersion.type !== util.GitHubVariant.GHES ||
+      commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
-    semver.satisfies(gitHubVersion.version, `>=3.1`)
+      mergeBaseCommitOid
-  ) {
+    ) {
-    if (actionsUtil.workflowEventName() === "pull_request") {
+      // We're uploading results for the merge commit
-      if (
+      // and were able to determine the merge base.
-        commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
+      // So we use that as the most accurate base.
-        mergeBaseCommitOid
+      payloadObj.base_ref = `refs/heads/${util.getRequiredEnvParam(
-      ) {
+        "GITHUB_BASE_REF"
-        // We're uploading results for the merge commit
+      )}`;
-        // and were able to determine the merge base.
+      payloadObj.base_sha = mergeBaseCommitOid;
-        // So we use that as the most accurate base.
+    } else if (process.env.GITHUB_EVENT_PATH) {
-        payloadObj.base_ref = `refs/heads/${util.getRequiredEnvParam(
+      // Either we're not uploading results for the merge commit
-          "GITHUB_BASE_REF"
+      // or we could not determine the merge base.
-        )}`;
+      // Using the PR base is the only option here
-        payloadObj.base_sha = mergeBaseCommitOid;
+      const githubEvent = JSON.parse(
-      } else if (process.env.GITHUB_EVENT_PATH) {
+        fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8")
-        // Either we're not uploading results for the merge commit
+      );
-        // or we could not determine the merge base.
+      payloadObj.base_ref = `refs/heads/${githubEvent.pull_request.base.ref}`;
-        // Using the PR base is the only option here
+      payloadObj.base_sha = githubEvent.pull_request.base.sha;
-        const githubEvent = JSON.parse(
-          fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8")
-        );
-        payloadObj.base_ref = `refs/heads/${githubEvent.pull_request.base.ref}`;
-        payloadObj.base_sha = githubEvent.pull_request.base.sha;
-      }
     }
   }
   return payloadObj;
@@ -326,7 +316,6 @@ async function uploadFiles(
   workflowRunID: number | undefined,
   sourceRoot: string,
   environment: string | undefined,
-  gitHubVersion: util.GitHubVersion,
   logger: Logger
 ): Promise<UploadResult> {
   logger.startGroup("Uploading results");
@@ -367,7 +356,6 @@ async function uploadFiles(
     checkoutURI,
     environment,
     toolNames,
-    gitHubVersion,
     await actionsUtil.determineMergeBaseCommitOid()
   );
 

src/upload-sarif-action.ts

@@ -1,7 +1,6 @@
 import * as core from "@actions/core";
 
 import * as actionsUtil from "./actions-util";
-import { getGitHubVersion } from "./api-client";
 import { getActionsLogger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
 import * as upload_lib from "./upload-lib";
@@ -52,11 +51,8 @@ async function run() {
   }
 
   try {
-    const gitHubVersion = await getGitHubVersion();
-
     const uploadResult = await upload_lib.uploadFromActions(
       actionsUtil.getRequiredInput("sarif_file"),
-      gitHubVersion,
       getActionsLogger()
     );
     core.setOutput("sarif-id", uploadResult.sarifID);