Ensure artifacts are only uploaded in safe situations
This commit: Turns on uploading of artifacts again but only if CLI version is >= 2.20.3. I implemented the check using our feature flag functionality. I was on the fence about this since it makes the PR more complex. However, it does give us more flexibility when controlling artifact uploads. Also, I renamed the two workflows that were previously disabled. This way we will not accidentally enable the old workflows for previous versions of the action.
This commit is contained in:
Andrew Eisenberg
parent
e7c0c9d71b
commit
2bab9f7984
17 changed files with 264 additions and 39 deletions
10
lib/analyze-action-post.js
generated
10
lib/analyze-action-post.js
generated
|
|
@ -44,7 +44,9 @@ const api_client_1 = require("./api-client");
|
|||
const config_utils_1 = require("./config-utils");
|
||||
const debugArtifacts = __importStar(require("./debug-artifacts"));
|
||||
const environment_1 = require("./environment");
|
||||
const feature_flags_1 = require("./feature-flags");
|
||||
const logging_1 = require("./logging");
|
||||
const repository_1 = require("./repository");
|
||||
const util_1 = require("./util");
|
||||
async function runWrapper() {
|
||||
try {
|
||||
|
|
@ -52,12 +54,13 @@ async function runWrapper() {
|
|||
const logger = (0, logging_1.getActionsLogger)();
|
||||
const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
|
||||
(0, util_1.checkGitHubVersionInRange)(gitHubVersion, logger);
|
||||
const features = createFeatures(gitHubVersion, logger);
|
||||
// Upload SARIF artifacts if we determine that this is a first-party analysis run.
|
||||
// For third-party runs, this artifact will be uploaded in the `upload-sarif-post` step.
|
||||
if (process.env[environment_1.EnvVar.INIT_ACTION_HAS_RUN] === "true") {
|
||||
const config = await (0, config_utils_1.getConfig)(actionsUtil.getTemporaryDirectory(), logger);
|
||||
if (config !== undefined) {
|
||||
await (0, logging_1.withGroup)("Uploading combined SARIF debug artifact", () => debugArtifacts.uploadCombinedSarifArtifacts(logger, config.gitHubVersion.type));
|
||||
await (0, logging_1.withGroup)("Uploading combined SARIF debug artifact", () => debugArtifacts.uploadCombinedSarifArtifacts(logger, config.gitHubVersion.type, features));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -65,5 +68,10 @@ async function runWrapper() {
|
|||
core.setFailed(`analyze post-action step failed: ${(0, util_1.getErrorMessage)(error)}`);
|
||||
}
|
||||
}
|
||||
function createFeatures(gitHubVersion, logger) {
|
||||
const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
|
||||
const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, actionsUtil.getTemporaryDirectory(), logger);
|
||||
return features;
|
||||
}
|
||||
void runWrapper();
|
||||
//# sourceMappingURL=analyze-action-post.js.map
|
||||
Loading…
Add table
Add a link
Reference in a new issue