robojerk/codeql-action

Write a warning if there is an error with the workflow

Browse source
This commit is contained in:
Simon Engledew 2020-11-24 09:51:00 +00:00
parent 7eb9dfcc60
commit 33bb87523e
No known key found for this signature in database
GPG key ID: 84302E7B02FE8BCE
9 changed files with 92 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

27
lib/actions-util.js generated
View file

@ -7,10 +7,12 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const core = __importStar(require("@actions/core"));
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const safeWhich = __importStar(require("@chrisgavin/safe-which"));
const yaml = __importStar(require("js-yaml"));
const api = __importStar(require("./api-client"));
const sharedEnv = __importStar(require("./shared-environment"));
const util_1 = require("./util");
@ -105,6 +107,12 @@ var MissingTriggers;
MissingTriggers[MissingTriggers["PUSH"] = 1] = "PUSH";
MissingTriggers[MissingTriggers["PULL_REQUEST"] = 2] = "PULL_REQUEST";
})(MissingTriggers || (MissingTriggers = {}));
exports.ErrCheckoutWrongHead = `Git checkout HEAD^2 is no longer necessary. Please remove this line.`;
exports.ErrMismatchedBranches = `Please make sure that any branches in on.pull_request are also in on.push so that CodeQL can establish a baseline.`;
exports.ErrMissingHooks = `Please specify on.push and on.pull_request hooks.`;
exports.ErrMissingPushHook = `Please specify an on.push hook so CodeQL can establish a baseline.`;
exports.ErrMissingPullRequestHook = `Please specify an on.pull_request hook so CodeQL is run against new pull requests.`;
exports.ErrPathsSpecified = `Please do not specify paths at on.pull.`;
function validateWorkflow(doc) {
var _a, _b, _c, _d;
const errors = [];
@ -112,7 +120,7 @@ function validateWorkflow(doc) {
for (const job of Object.values(((_a = doc) === null || _a === void 0 ? void 0 : _a.jobs) || {})) {
for (const step of ((_b = job) === null || _b === void 0 ? void 0 : _b.steps) || []) {
if (((_c = step) === null || _c === void 0 ? void 0 : _c.run) === "git checkout HEAD^2") {
errors.push(`Git checkout HEAD^2 is no longer necessary. Please remove this line from your workflow.`);
errors.push(exports.ErrCheckoutWrongHead);
}
}
}
@ -151,7 +159,7 @@ function validateWorkflow(doc) {
else {
const paths = (_d = doc.on.push) === null || _d === void 0 ? void 0 : _d.paths;
if (Array.isArray(paths) && paths.length > 0) {
errors.push("Please do not specify paths at on.pull.");
errors.push(exports.ErrPathsSpecified);
}
}
if (doc.on.pull_request !== undefined && doc.on.push !== undefined) {
@ -159,28 +167,35 @@ function validateWorkflow(doc) {
const pull_request = doc.on.pull_request.branches || [];
const intersects = pull_request.filter((value) => !push.includes(value));
if (intersects.length > 0) {
errors.push("Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline.");
errors.push(exports.ErrMismatchedBranches);
}
}
}
switch (missing) {
case MissingTriggers.PULL_REQUEST | MissingTriggers.PUSH:
errors.push("Please specify on.push and on.pull_request hooks.");
errors.push(exports.ErrMissingHooks);
break;
case MissingTriggers.PULL_REQUEST:
errors.push("Please specify an on.pull_request hook so CodeQL is run against new pull requests.");
errors.push(exports.ErrMissingPullRequestHook);
break;
case MissingTriggers.PUSH:
errors.push("Please specify an on.push hook so CodeQL can establish a baseline.");
errors.push(exports.ErrMissingPushHook);
break;
}
return errors;
}
exports.validateWorkflow = validateWorkflow;
async function getWorkflow() {
return yaml.safeLoad(fs.readFileSync(await getWorkflowPath(), "utf-8"));
}
exports.getWorkflow = getWorkflow;
/**
* Get the path of the currently executing workflow.
*/
async function getWorkflowPath() {
if (util_1.isLocalRun()) {
return getRequiredEnvParam("WORKFLOW_PATH");
}
const repo_nwo = getRequiredEnvParam("GITHUB_REPOSITORY").split("/");
const owner = repo_nwo[0];
const repo = repo_nwo[1];

2
lib/actions-util.js.map
View file

File diff suppressed because one or more lines are too long

26
lib/actions-util.test.js generated
View file

@ -70,24 +70,20 @@ ava_1.default("prepareEnvironment() when a local run", (t) => {
});
ava_1.default("validateWorkflow() when on is missing", (t) => {
const errors = actionsutil.validateWorkflow({});
t.deepEqual(errors, ["Please specify on.push and on.pull_request hooks."]);
t.deepEqual(errors, [actionsutil.ErrMissingHooks]);
});
ava_1.default("validateWorkflow() when on.push is missing", (t) => {
const errors = actionsutil.validateWorkflow({ on: {} });
console.log(errors);
t.deepEqual(errors, ["Please specify on.push and on.pull_request hooks."]);
t.deepEqual(errors, [actionsutil.ErrMissingHooks]);
});
ava_1.default("validateWorkflow() when on.push is an array missing pull_request", (t) => {
const errors = actionsutil.validateWorkflow({ on: ["push"] });
t.deepEqual(errors, [
"Please specify an on.pull_request hook so CodeQL is run against new pull requests.",
]);
t.deepEqual(errors, [actionsutil.ErrMissingPullRequestHook]);
});
ava_1.default("validateWorkflow() when on.push is an array missing push", (t) => {
const errors = actionsutil.validateWorkflow({ on: ["pull_request"] });
t.deepEqual(errors, [
"Please specify an on.push hook so CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMissingPushHook]);
});
ava_1.default("validateWorkflow() when on.push is valid", (t) => {
const errors = actionsutil.validateWorkflow({
@ -108,7 +104,7 @@ ava_1.default("validateWorkflow() when on.push should not have a path", (t) => {
pull_request: { branches: ["main"] },
},
});
t.deepEqual(errors, ["Please do not specify paths at on.pull."]);
t.deepEqual(errors, [actionsutil.ErrPathsSpecified]);
});
ava_1.default("validateWorkflow() when on.push is a correct object", (t) => {
const errors = actionsutil.validateWorkflow({
@ -130,9 +126,7 @@ ava_1.default("validateWorkflow() when on.push is mismatched", (t) => {
pull_request: { branches: ["feature"] },
},
});
t.deepEqual(errors, [
"Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMismatchedBranches]);
});
ava_1.default("validateWorkflow() when on.push is not mismatched", (t) => {
const errors = actionsutil.validateWorkflow({
@ -150,17 +144,13 @@ ava_1.default("validateWorkflow() when on.push is mismatched for pull_request",
pull_request: { branches: ["main", "feature"] },
},
});
t.deepEqual(errors, [
"Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMismatchedBranches]);
});
ava_1.default("validateWorkflow() when HEAD^2 is checked out", (t) => {
const errors = actionsutil.validateWorkflow({
on: ["push", "pull_request"],
jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
});
t.deepEqual(errors, [
"Git checkout HEAD^2 is no longer necessary. Please remove this line from your workflow.",
]);
t.deepEqual(errors, [actionsutil.ErrCheckoutWrongHead]);
});
//# sourceMappingURL=actions-util.test.js.map

2
lib/actions-util.test.js.map
View file

File diff suppressed because one or more lines are too long

9
lib/init-action.js generated
View file

@ -55,7 +55,14 @@ async function run() {
let toolsVersion;
try {
actionsUtil.prepareLocalRunEnvironment();
if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("init", "starting", startedAt)))) {
const workflowErrors = actionsUtil.validateWorkflow(await actionsUtil.getWorkflow());
const workflowErrorMessage = workflowErrors.length > 0
? `${workflowErrors.length} issue${workflowErrors.length === 1 ? " was" : "s were"} detected with this workflow: ${workflowErrors.join(", ")}`
: undefined;
if (workflowErrorMessage !== undefined) {
core.warning(workflowErrorMessage);
}
if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("init", "starting", startedAt, workflowErrorMessage)))) {
return;
}
const initCodeQLResult = await init_1.initCodeQL(actionsUtil.getOptionalInput("tools"), actionsUtil.getRequiredInput("token"), actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"), actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), actionsUtil.getRequiredEnvParam("RUNNER_TOOL_CACHE"), "actions", logger);

2
lib/init-action.js.map
View file

@ -1 +1 @@
{"version":3,"file":"init-action.js","sourceRoot":"","sources":["../src/init-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAG9C,iCAMgB;AAChB,2CAAuC;AACvC,uCAA6C;AAC7C,6CAAkD;AAsBlD,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,MAA0B,EAC1B,YAAoB;;IAEpB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,MAAM,EACN,SAAS,EACT,SAAS,CACV,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,iBAAiB,GAAG,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CACvE,GAAG,CACJ,CAAC;IACF,MAAM,qBAAqB,GAAG,MAAM,CAAC,iBAAiB,CACpD,yBAAyB,CAC1B;QACC,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,YAAY,SAAG,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,0CAAE,IAAI,EAAE,CAAC;IACnE,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;QAC9D,OAAO,CAAC,IAAI,CACV,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAC/D,CAAC;KACH;IACD,IAAI,YAAY,KAAK,SAAS,EAAE;QAC9B,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACzC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,YAAY,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;KAC1C;IAED,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,SAAS;QACT,kBAAkB,EAAE,iBAAiB,IAAI,EAAE;QAC3C,KAAK;QACL,YAAY,EAAE,WAAW;QACzB,uBAAuB,EAAE,qBAAqB;QAC9C,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1B,WAAW,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,IAAI,EAAE;QACxD,sBAAsB,EAAE,YAAY;KACrC,CAAC;IAEF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,MAAc,CAAC;IACnB,IAAI,YAAoB,CAAC;IAEzB,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QAEzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,CAAC,CACxE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,gBAAgB,GAAG,MAAM,iBAAU,CACvC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QACF,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;QACjC,YAAY,GAAG,gBAAgB,CAAC,YAAY,CAAC;QAE7C,MAAM,GAAG,MAAM,iBAAU,CACvB,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,EACzC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EACvC,WAAW,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAC3C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,MAAM,EACN,WAAW,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,EACnD,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QAEF,IACE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC;YAC1C,WAAW,CAAC,gBAAgB,CAAC,2BAA2B,CAAC,KAAK,MAAM,EACpE;YACA,IAAI;gBACF,MAAM,wBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;aACzC;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,CAAC,OAAO,CACZ,GAAG,GAAG,CAAC,OAAO,2FAA2F,CAC1G,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,CAAC,CAAC,OAAO,CACV,CACF,CAAC;QACF,OAAO;KACR;IAED,IAAI;QACF,mBAAmB;QACnB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE;YACX,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CACV,6GAA6G,CAC9G,CAAC;SACH;QAED,mGAAmG;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,MAAM,CAAC;QACtD,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,YAAY,GAAG,MAAM,cAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnD,IAAI,YAAY,KAAK,SAAS,EAAE;YAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBAC3D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;aACjC;YAED,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;gBAChC,MAAM,0BAAmB,CACvB,mBAAmB,EACnB,SAAS,EACT,MAAM,EACN,MAAM,EACN,YAAY,CACb,CAAC;aACH;SACF;QAED,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;KACjD;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;AACjE,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
{"version":3,"file":"init-action.js","sourceRoot":"","sources":["../src/init-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAG9C,iCAMgB;AAChB,2CAAuC;AACvC,uCAA6C;AAC7C,6CAAkD;AAsBlD,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,MAA0B,EAC1B,YAAoB;;IAEpB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,MAAM,EACN,SAAS,EACT,SAAS,CACV,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,iBAAiB,GAAG,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CACvE,GAAG,CACJ,CAAC;IACF,MAAM,qBAAqB,GAAG,MAAM,CAAC,iBAAiB,CACpD,yBAAyB,CAC1B;QACC,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,YAAY,SAAG,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,0CAAE,IAAI,EAAE,CAAC;IACnE,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;QAC9D,OAAO,CAAC,IAAI,CACV,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAC/D,CAAC;KACH;IACD,IAAI,YAAY,KAAK,SAAS,EAAE;QAC9B,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACzC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,YAAY,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;KAC1C;IAED,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,SAAS;QACT,kBAAkB,EAAE,iBAAiB,IAAI,EAAE;QAC3C,KAAK;QACL,YAAY,EAAE,WAAW;QACzB,uBAAuB,EAAE,qBAAqB;QAC9C,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1B,WAAW,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,IAAI,EAAE;QACxD,sBAAsB,EAAE,YAAY;KACrC,CAAC;IAEF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,MAAc,CAAC;IACnB,IAAI,YAAoB,CAAC;IAEzB,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QAEzC,MAAM,cAAc,GAAG,WAAW,CAAC,gBAAgB,CACjD,MAAM,WAAW,CAAC,WAAW,EAAE,CAChC,CAAC;QAEF,MAAM,oBAAoB,GACxB,cAAc,CAAC,MAAM,GAAG,CAAC;YACvB,CAAC,CAAC,GAAG,cAAc,CAAC,MAAM,SACtB,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QACzC,iCAAiC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9D,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,oBAAoB,KAAK,SAAS,EAAE;YACtC,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;SACpC;QAED,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,UAAU,EACV,SAAS,EACT,oBAAoB,CACrB,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,gBAAgB,GAAG,MAAM,iBAAU,CACvC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QACF,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;QACjC,YAAY,GAAG,gBAAgB,CAAC,YAAY,CAAC;QAE7C,MAAM,GAAG,MAAM,iBAAU,CACvB,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,EACzC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EACvC,WAAW,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAC3C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,MAAM,EACN,WAAW,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,EACnD,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QAEF,IACE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC;YAC1C,WAAW,CAAC,gBAAgB,CAAC,2BAA2B,CAAC,KAAK,MAAM,EACpE;YACA,IAAI;gBACF,MAAM,wBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;aACzC;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,CAAC,OAAO,CACZ,GAAG,GAAG,CAAC,OAAO,2FAA2F,CAC1G,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,CAAC,CAAC,OAAO,CACV,CACF,CAAC;QACF,OAAO;KACR;IAED,IAAI;QACF,mBAAmB;QACnB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE;YACX,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CACV,6GAA6G,CAC9G,CAAC;SACH;QAED,mGAAmG;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,MAAM,CAAC;QACtD,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,YAAY,GAAG,MAAM,cAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnD,IAAI,YAAY,KAAK,SAAS,EAAE;YAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBAC3D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;aACjC;YAED,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;gBAChC,MAAM,0BAAmB,CACvB,mBAAmB,EACnB,SAAS,EACT,MAAM,EACN,MAAM,EACN,YAAY,CACb,CAAC;aACH;SACF;QAED,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;KACjD;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;AACjE,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}

26
src/actions-util.test.ts
View file

@ -85,7 +85,7 @@ test("prepareEnvironment() when a local run", (t) => {
test("validateWorkflow() when on is missing", (t) => {
const errors = actionsutil.validateWorkflow({});
t.deepEqual(errors, ["Please specify on.push and on.pull_request hooks."]);
t.deepEqual(errors, [actionsutil.ErrMissingHooks]);
});
test("validateWorkflow() when on.push is missing", (t) => {
@ -93,23 +93,19 @@ test("validateWorkflow() when on.push is missing", (t) => {
console.log(errors);
t.deepEqual(errors, ["Please specify on.push and on.pull_request hooks."]);
t.deepEqual(errors, [actionsutil.ErrMissingHooks]);
});
test("validateWorkflow() when on.push is an array missing pull_request", (t) => {
const errors = actionsutil.validateWorkflow({ on: ["push"] });
t.deepEqual(errors, [
"Please specify an on.pull_request hook so CodeQL is run against new pull requests.",
]);
t.deepEqual(errors, [actionsutil.ErrMissingPullRequestHook]);
});
test("validateWorkflow() when on.push is an array missing push", (t) => {
const errors = actionsutil.validateWorkflow({ on: ["pull_request"] });
t.deepEqual(errors, [
"Please specify an on.push hook so CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMissingPushHook]);
});
test("validateWorkflow() when on.push is valid", (t) => {
@ -136,7 +132,7 @@ test("validateWorkflow() when on.push should not have a path", (t) => {
},
});
t.deepEqual(errors, ["Please do not specify paths at on.pull."]);
t.deepEqual(errors, [actionsutil.ErrPathsSpecified]);
});
test("validateWorkflow() when on.push is a correct object", (t) => {
@ -165,9 +161,7 @@ test("validateWorkflow() when on.push is mismatched", (t) => {
},
});
t.deepEqual(errors, [
"Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMismatchedBranches]);
});
test("validateWorkflow() when on.push is not mismatched", (t) => {
@ -189,9 +183,7 @@ test("validateWorkflow() when on.push is mismatched for pull_request", (t) => {
},
});
t.deepEqual(errors, [
"Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline.",
]);
t.deepEqual(errors, [actionsutil.ErrMismatchedBranches]);
});
test("validateWorkflow() when HEAD^2 is checked out", (t) => {
@ -200,7 +192,5 @@ test("validateWorkflow() when HEAD^2 is checked out", (t) => {
jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
});
t.deepEqual(errors, [
"Git checkout HEAD^2 is no longer necessary. Please remove this line from your workflow.",
]);
t.deepEqual(errors, [actionsutil.ErrCheckoutWrongHead]);
});

37
src/actions-util.ts
View file

@ -1,8 +1,10 @@
import * as fs from "fs";
import * as path from "path";
import * as core from "@actions/core";
import * as toolrunner from "@actions/exec/lib/toolrunner";
import * as safeWhich from "@chrisgavin/safe-which";
import * as yaml from "js-yaml";
import * as api from "./api-client";
import * as sharedEnv from "./shared-environment";
@ -133,6 +135,13 @@ enum MissingTriggers {
PULL_REQUEST = 2,
}
export const ErrCheckoutWrongHead = `Git checkout HEAD^2 is no longer necessary. Please remove this line.`;
export const ErrMismatchedBranches = `Please make sure that any branches in on.pull_request are also in on.push so that CodeQL can establish a baseline.`;
export const ErrMissingHooks = `Please specify on.push and on.pull_request hooks.`;
export const ErrMissingPushHook = `Please specify an on.push hook so CodeQL can establish a baseline.`;
export const ErrMissingPullRequestHook = `Please specify an on.pull_request hook so CodeQL is run against new pull requests.`;
export const ErrPathsSpecified = `Please do not specify paths at on.pull.`;
export function validateWorkflow(doc: Workflow): string[] {
const errors: string[] = [];
@ -140,9 +149,7 @@ export function validateWorkflow(doc: Workflow): string[] {
for (const job of Object.values(doc?.jobs || {})) {
for (const step of job?.steps || []) {
if (step?.run === "git checkout HEAD^2") {
errors.push(
`Git checkout HEAD^2 is no longer necessary. Please remove this line from your workflow.`
);
errors.push(ErrCheckoutWrongHead);
}
}
}
@ -179,7 +186,7 @@ export function validateWorkflow(doc: Workflow): string[] {
} else {
const paths = doc.on.push?.paths;
if (Array.isArray(paths) && paths.length > 0) {
errors.push("Please do not specify paths at on.pull.");
errors.push(ErrPathsSpecified);
}
}
@ -190,36 +197,38 @@ export function validateWorkflow(doc: Workflow): string[] {
const intersects = pull_request.filter((value) => !push.includes(value));
if (intersects.length > 0) {
errors.push(
"Please make sure that any branches in on.pull_request: are also in on.push: so that CodeQL can establish a baseline."
);
errors.push(ErrMismatchedBranches);
}
}
}
switch (missing) {
case MissingTriggers.PULL_REQUEST | MissingTriggers.PUSH:
errors.push("Please specify on.push and on.pull_request hooks.");
errors.push(ErrMissingHooks);
break;
case MissingTriggers.PULL_REQUEST:
errors.push(
"Please specify an on.pull_request hook so CodeQL is run against new pull requests."
);
errors.push(ErrMissingPullRequestHook);
break;
case MissingTriggers.PUSH:
errors.push(
"Please specify an on.push hook so CodeQL can establish a baseline."
);
errors.push(ErrMissingPushHook);
break;
}
return errors;
}
export async function getWorkflow(): Promise<Workflow> {
return yaml.safeLoad(fs.readFileSync(await getWorkflowPath(), "utf-8"));
}
/**
* Get the path of the currently executing workflow.
*/
async function getWorkflowPath(): Promise<string> {
if (isLocalRun()) {
return getRequiredEnvParam("WORKFLOW_PATH");
}
const repo_nwo = getRequiredEnvParam("GITHUB_REPOSITORY").split("/");
const owner = repo_nwo[0];
const repo = repo_nwo[1];

22
src/init-action.ts
View file

@ -96,9 +96,29 @@ async function run() {
try {
actionsUtil.prepareLocalRunEnvironment();
const workflowErrors = actionsUtil.validateWorkflow(
await actionsUtil.getWorkflow()
);
const workflowErrorMessage =
workflowErrors.length > 0
? `${workflowErrors.length} issue${
workflowErrors.length === 1 ? " was" : "s were"
} detected with this workflow: ${workflowErrors.join(", ")}`
: undefined;
if (workflowErrorMessage !== undefined) {
core.warning(workflowErrorMessage);
}
if (
!(await actionsUtil.sendStatusReport(
await actionsUtil.createStatusReportBase("init", "starting", startedAt)
await actionsUtil.createStatusReportBase(
"init",
"starting",
startedAt,
workflowErrorMessage
)
))
) {
return;