robojerk/codeql-action

Implement PR feedback

Browse source
This commit is contained in:
Simon Engledew 2021-01-15 08:13:47 +00:00
parent 0853901c0d
commit 1a6f6a27b3
No known key found for this signature in database
GPG key ID: 84302E7B02FE8BCE
6 changed files with 74 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

19
lib/actions-util.js generated
View file

@ -186,19 +186,11 @@ function validateWorkflow(doc) {
}
let missing = MissingTriggers.None;
if (doc.on === undefined) {
// codeql will scan the default branch
// this is not a valid config
}
else if (typeof doc.on === "string") {
switch (doc.on) {
case "push":
// valid configuration
break;
case "pull_request":
if (doc.on === "pull_request") {
missing = MissingTriggers.Push;
break;
default:
missing = MissingTriggers.Push | MissingTriggers.PullRequest;
break;
}
}
else if (Array.isArray(doc.on)) {
@ -211,7 +203,7 @@ function validateWorkflow(doc) {
else if (isObject(doc.on)) {
const hasPush = Object.prototype.hasOwnProperty.call(doc.on, "push");
const hasPullRequest = Object.prototype.hasOwnProperty.call(doc.on, "pull_request");
if (!hasPush) {
if (!hasPush && hasPullRequest) {
missing = missing | MissingTriggers.Push;
}
if (hasPush && hasPullRequest) {
@ -227,8 +219,9 @@ function validateWorkflow(doc) {
errors.push(exports.WorkflowErrors.PathsIgnoreSpecified);
}
}
// check the user is scanning PRs right now
// if not the warning does not apply
// if doc.on.pull_request is null that means 'all branches'
// if doc.on.pull_request is undefined that means 'off'
// we only want to check for mismatched branches if pull_request is on.
if (doc.on.pull_request !== undefined) {
const push = branchesToArray((_g = doc.on.push) === null || _g === void 0 ? void 0 : _g.branches);
if (push !== "**") {

2
lib/actions-util.js.map
View file

File diff suppressed because one or more lines are too long

19
lib/actions-util.test.js generated
View file

@ -72,9 +72,9 @@ ava_1.default("prepareEnvironment() when a local run", (t) => {
t.deepEqual(process.env.GITHUB_JOB, "UNKNOWN-JOB");
t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "LOCAL-RUN:UNKNOWN-JOB");
});
ava_1.default("validateWorkflow() when on.push is missing", (t) => {
ava_1.default("validateWorkflow() when on is empty", (t) => {
const errors = actionsutil.validateWorkflow({ on: {} });
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MissingPushHook]));
t.deepEqual(...errorCodes(errors, []));
});
ava_1.default("validateWorkflow() when on.push is an array missing pull_request", (t) => {
const errors = actionsutil.validateWorkflow({ on: ["push"] });
@ -368,6 +368,21 @@ name: "CodeQL"
`));
t.deepEqual(...errorCodes(errors, []));
});
ava_1.default("validateWorkflow() with a different on setup", (t) => {
t.deepEqual(...errorCodes(actionsutil.validateWorkflow(yaml.safeLoad(`
name: "CodeQL"
on: "workflow_dispatch"
`)), []));
t.deepEqual(...errorCodes(actionsutil.validateWorkflow(yaml.safeLoad(`
name: "CodeQL"
on: [workflow_dispatch]
`)), []));
t.deepEqual(...errorCodes(actionsutil.validateWorkflow(yaml.safeLoad(`
name: "CodeQL"
on:
workflow_dispatch: {}
`)), []));
});
ava_1.default("validateWorkflow() should not report an error if PRs are totally unconfigured", (t) => {
t.deepEqual(...errorCodes(actionsutil.validateWorkflow(yaml.safeLoad(`
name: "CodeQL"

2
lib/actions-util.test.js.map
View file

File diff suppressed because one or more lines are too long

45
src/actions-util.test.ts
View file

@ -90,12 +90,10 @@ test("prepareEnvironment() when a local run", (t) => {
t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "LOCAL-RUN:UNKNOWN-JOB");
});
test("validateWorkflow() when on.push is missing", (t) => {
test("validateWorkflow() when on is empty", (t) => {
const errors = actionsutil.validateWorkflow({ on: {} });
t.deepEqual(
...errorCodes(errors, [actionsutil.WorkflowErrors.MissingPushHook])
);
t.deepEqual(...errorCodes(errors, []));
});
test("validateWorkflow() when on.push is an array missing pull_request", (t) => {
@ -549,6 +547,45 @@ name: "CodeQL"
t.deepEqual(...errorCodes(errors, []));
});
test("validateWorkflow() with a different on setup", (t) => {
t.deepEqual(
...errorCodes(
actionsutil.validateWorkflow(
yaml.safeLoad(`
name: "CodeQL"
on: "workflow_dispatch"
`)
),
[]
)
);
t.deepEqual(
...errorCodes(
actionsutil.validateWorkflow(
yaml.safeLoad(`
name: "CodeQL"
on: [workflow_dispatch]
`)
),
[]
)
);
t.deepEqual(
...errorCodes(
actionsutil.validateWorkflow(
yaml.safeLoad(`
name: "CodeQL"
on:
workflow_dispatch: {}
`)
),
[]
)
);
});
test("validateWorkflow() should not report an error if PRs are totally unconfigured", (t) => {
t.deepEqual(
...errorCodes(

19
src/actions-util.ts
View file

@ -236,18 +236,10 @@ export function validateWorkflow(doc: Workflow): CodedError[] {
let missing = MissingTriggers.None;
if (doc.on === undefined) {
// codeql will scan the default branch
// this is not a valid config
} else if (typeof doc.on === "string") {
switch (doc.on) {
case "push":
// valid configuration
break;
case "pull_request":
if (doc.on === "pull_request") {
missing = MissingTriggers.Push;
break;
default:
missing = MissingTriggers.Push | MissingTriggers.PullRequest;
break;
}
} else if (Array.isArray(doc.on)) {
const hasPush = doc.on.includes("push");
@ -262,7 +254,7 @@ export function validateWorkflow(doc: Workflow): CodedError[] {
"pull_request"
);
if (!hasPush) {
if (!hasPush && hasPullRequest) {
missing = missing | MissingTriggers.Push;
}
if (hasPush && hasPullRequest) {
@ -279,8 +271,9 @@ export function validateWorkflow(doc: Workflow): CodedError[] {
}
}
// check the user is scanning PRs right now
// if not the warning does not apply
// if doc.on.pull_request is null that means 'all branches'
// if doc.on.pull_request is undefined that means 'off'
// we only want to check for mismatched branches if pull_request is on.
if (doc.on.pull_request !== undefined) {
const push = branchesToArray(doc.on.push?.branches);