robojerk/codeql-action

Apply suggestions from code review

Browse source 
Co-authored-by: Henry Mercer <henrymercer@github.com>
This commit is contained in:
Nick Fyson 2024-04-03 17:07:14 +01:00 committed by nickfyson
parent 6514cbb626
commit 2cc8bbd0e0
6 changed files with 14 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

10
lib/upload-lib.js generated
View file

@ -85,7 +85,7 @@ function areAllRunsProducedByCodeQL(sarifFiles) {
// CodeQL. Otherwise, it will fall back to combining the files in the action.
// Returns the contents of the combined sarif file.
async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) {
logger.info(`Combining sarif files using CLI`);
logger.info("Combining SARIF files using the CodeQL CLI");
if (sarifFiles.length === 1) {
return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8"));
}
@ -291,7 +291,7 @@ exports.validateSarifFileSchema = validateSarifFileSchema;
// buildPayload constructs a map ready to be uploaded to the API from the given
// parameters, respecting the current mode and target GitHub instance version.
function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, mergeBaseCommitOid, logger) {
logger.info(`Combining sarif files using CLI`);
logger.info(`Combining SARIF files using CLI`);
const payloadObj = {
commit_oid: commitOid,
ref,
@ -345,11 +345,11 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
const toolNames = util.getToolNames(sarif);
logger.debug(`Validating unique category in sarif`);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif);
logger.debug(`Stringifying sarif for upload`);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
logger.debug(`Compressing sarif payload`);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = (0, file_url_1.default)(sourceRoot);
const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid(), logger);