Merge pull request #1712 from github/henrymercer/remove-unused-env-var

Remove unused `CODESCANNING_EVENT_NAME` environment variable
2023-06-01 18:28:45 +01:00 · 2023-06-01 18:28:45 +01:00 · 926a4898bc
commit 926a4898bc
parent 96f2840282 dfc31c9995
12 changed files with 80 additions and 95 deletions
--- a/lib/actions-util.js
+++ b/lib/actions-util.js
@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.workflowEventName = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionVersion = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionVersion = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
@ -104,7 +104,7 @@ exports.getCommitOid = getCommitOid;
 * Returns undefined if run by other triggers or the merge base cannot be determined.
 */
 const determineMergeBaseCommitOid = async function () {
-    if (workflowEventName() !== "pull_request") {
+    if (getWorkflowEventName() !== "pull_request") {
        return undefined;
    }
    const mergeSha = (0, util_1.getRequiredEnvParam)("GITHUB_SHA");
@ -155,7 +155,7 @@ exports.determineMergeBaseCommitOid = determineMergeBaseCommitOid;
 *
 * This will combine the workflow path and current job name.
 * Computing this the first time requires making requests to
- * the github API, but after that the result will be cached.
+ * the GitHub API, but after that the result will be cached.
 */
 async function getAnalysisKey() {
    const analysisKeyEnvVar = "CODEQL_ACTION_ANALYSIS_KEY";
@ -395,7 +395,8 @@ async function sendStatusReport(statusReport) {
        if ((0, util_1.isHTTPError)(e)) {
            switch (e.status) {
                case 403:
-                    if (workflowIsTriggeredByPushEvent() && isDependabotActor()) {
+                    if (getWorkflowEventName() === "push" &&
+                        process.env["GITHUB_ACTOR"] === "dependabot[bot]") {
                        core.setFailed('Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
                            "Uploading Code Scanning results requires write access. " +
                            'To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. ' +
@ -428,42 +429,36 @@ async function sendStatusReport(statusReport) {
    }
 }
 exports.sendStatusReport = sendStatusReport;
-function workflowEventName() {
-    // If the original event is dynamic CODESCANNING_EVENT_NAME will contain the right info (push/pull_request)
-    if (process.env["GITHUB_EVENT_NAME"] === "dynamic") {
-        const value = process.env["CODESCANNING_EVENT_NAME"];
-        if (value === undefined || value.length === 0) {
-            return process.env["GITHUB_EVENT_NAME"];
-        }
-        return value;
-    }
-    return process.env["GITHUB_EVENT_NAME"];
+/**
+ * Returns the name of the event that triggered this workflow.
+ *
+ * This will be "dynamic" for default setup workflow runs.
+ */
+function getWorkflowEventName() {
+    return (0, util_1.getRequiredEnvParam)("GITHUB_EVENT_NAME");
 }
-exports.workflowEventName = workflowEventName;
-// Was the workflow run triggered by a `push` event, for example as opposed to a `pull_request` event.
-function workflowIsTriggeredByPushEvent() {
-    return workflowEventName() === "push";
-}
-// Is dependabot the actor that triggered the current workflow run.
-function isDependabotActor() {
-    return process.env["GITHUB_ACTOR"] === "dependabot[bot]";
-}
-// Is the current action executing a local copy (i.e. we're running a workflow on the codeql-action repo itself)
-// as opposed to running a remote action (i.e. when another repo references us)
+exports.getWorkflowEventName = getWorkflowEventName;
+/**
+ * Returns whether the current workflow is executing a local copy of the Action, e.g. we're running
+ * a workflow on the codeql-action repo itself.
+ */
 function isRunningLocalAction() {
    const relativeScriptPath = getRelativeScriptPath();
    return (relativeScriptPath.startsWith("..") || path.isAbsolute(relativeScriptPath));
 }
 exports.isRunningLocalAction = isRunningLocalAction;
-// Get the location where the action is running from.
-// This can be used to get the actions name or tell if we're running a local action.
+/**
+ * Get the location where the Action is running from.
+ *
+ * This can be used to get the Action's name or tell if we're running a local Action.
+ */
 function getRelativeScriptPath() {
    const runnerTemp = (0, util_1.getRequiredEnvParam)("RUNNER_TEMP");
    const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions");
    return path.relative(actionsDirectory, __filename);
 }
 exports.getRelativeScriptPath = getRelativeScriptPath;
-// Reads the contents of GITHUB_EVENT_PATH as a JSON object
+/** Returns the contents of `GITHUB_EVENT_PATH` as a JSON object. */
 function getWorkflowEvent() {
    const eventJsonFile = (0, util_1.getRequiredEnvParam)("GITHUB_EVENT_PATH");
    try {
@ -476,10 +471,13 @@ function getWorkflowEvent() {
 function removeRefsHeadsPrefix(ref) {
    return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
 }
-// Returns whether we are analyzing the default branch for the repository.
-// For cases where the repository information might not be available (e.g.,
-// dynamic workflows), this can be forced by the environment variable
-// CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH.
+/**
+ * Returns whether we are analyzing the default branch for the repository.
+ *
+ * This first checks the environment variable `CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH`. This
+ * environment variable can be set in cases where repository information might not be available, for
+ * example dynamic workflows.
+ */
 async function isAnalyzingDefaultBranch() {
    if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
        return true;
@ -489,7 +487,7 @@ async function isAnalyzingDefaultBranch() {
    currentRef = removeRefsHeadsPrefix(currentRef);
    const event = getWorkflowEvent();
    let defaultBranch = event?.repository?.default_branch;
-    if (process.env.GITHUB_EVENT_NAME === "schedule") {
+    if (getWorkflowEventName() === "schedule") {
        defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
    }
    return currentRef === defaultBranch;
@ -524,7 +522,10 @@ async function printDebugLogs(config) {
    }
 }
 exports.printDebugLogs = printDebugLogs;
-// Parses the `upload` input into an `UploadKind`, converting unspecified and deprecated upload inputs appropriately.
+/**
+ * Parses the `upload` input into an `UploadKind`, converting unspecified and deprecated upload
+ * inputs appropriately.
+ */
 function getUploadValue(input) {
    switch (input) {
        case undefined:
--- a/lib/actions-util.js.map
+++ b/lib/actions-util.js.map
--- a/lib/actions-util.test.js
+++ b/lib/actions-util.test.js
@ -172,6 +172,7 @@ const util_1 = require("./util");
    t.deepEqual(process.env.CODEQL_ACTION_VERSION, "1.2.3");
 });
 (0, ava_1.default)("isAnalyzingDefaultBranch()", async (t) => {
+    process.env["GITHUB_EVENT_NAME"] = "push";
    process.env["CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH"] = "true";
    t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), true);
    process.env["CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH"] = "false";
@ -210,12 +211,4 @@ const util_1 = require("./util");
        getAdditionalInputStub.restore();
    });
 });
-(0, ava_1.default)("workflowEventName()", async (t) => {
-    process.env["GITHUB_EVENT_NAME"] = "push";
-    t.deepEqual(actionsutil.workflowEventName(), "push");
-    process.env["GITHUB_EVENT_NAME"] = "dynamic";
-    t.deepEqual(actionsutil.workflowEventName(), "dynamic");
-    process.env["CODESCANNING_EVENT_NAME"] = "push";
-    t.deepEqual(actionsutil.workflowEventName(), "push");
-});
 //# sourceMappingURL=actions-util.test.js.map
--- a/lib/actions-util.test.js.map
+++ b/lib/actions-util.test.js.map
--- a/lib/trap-caching.js
+++ b/lib/trap-caching.js
@ -91,7 +91,7 @@ async function downloadTrapCaches(codeql, languages, logger) {
    }
    let baseSha = "unknown";
    const eventPath = process.env.GITHUB_EVENT_PATH;
-    if (actionsUtil.workflowEventName() === "pull_request" &&
+    if (actionsUtil.getWorkflowEventName() === "pull_request" &&
        eventPath !== undefined) {
        const event = JSON.parse(fs.readFileSync(path.resolve(eventPath), "utf-8"));
        baseSha = event.pull_request?.base?.sha || baseSha;
--- a/lib/trap-caching.js.map
+++ b/lib/trap-caching.js.map
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@ -220,7 +220,7 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
        base_ref: undefined,
        base_sha: undefined,
    };
-    if (actionsUtil.workflowEventName() === "pull_request") {
+    if (actionsUtil.getWorkflowEventName() === "pull_request") {
        if (commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
            mergeBaseCommitOid) {
            // We're uploading results for the merge commit
--- a/lib/upload-lib.js.map
+++ b/lib/upload-lib.js.map
--- a/src/actions-util.test.ts
+++ b/src/actions-util.test.ts
@ -214,6 +214,7 @@ test("initializeEnvironment", (t) => {
 });

 test("isAnalyzingDefaultBranch()", async (t) => {
+  process.env["GITHUB_EVENT_NAME"] = "push";
  process.env["CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH"] = "true";
  t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), true);
  process.env["CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH"] = "false";
@ -264,14 +265,3 @@ test("isAnalyzingDefaultBranch()", async (t) => {
    getAdditionalInputStub.restore();
  });
 });
-
-test("workflowEventName()", async (t) => {
-  process.env["GITHUB_EVENT_NAME"] = "push";
-  t.deepEqual(actionsutil.workflowEventName(), "push");
-
-  process.env["GITHUB_EVENT_NAME"] = "dynamic";
-  t.deepEqual(actionsutil.workflowEventName(), "dynamic");
-
-  process.env["CODESCANNING_EVENT_NAME"] = "push";
-  t.deepEqual(actionsutil.workflowEventName(), "push");
-});
--- a/src/actions-util.ts
+++ b/src/actions-util.ts
@ -108,7 +108,7 @@ export const getCommitOid = async function (
 export const determineMergeBaseCommitOid = async function (): Promise<
  string | undefined
 > {
-  if (workflowEventName() !== "pull_request") {
+  if (getWorkflowEventName() !== "pull_request") {
    return undefined;
  }

@ -168,7 +168,7 @@ export const determineMergeBaseCommitOid = async function (): Promise<
 *
 * This will combine the workflow path and current job name.
 * Computing this the first time requires making requests to
- * the github API, but after that the result will be cached.
+ * the GitHub API, but after that the result will be cached.
 */
 export async function getAnalysisKey(): Promise<string> {
  const analysisKeyEnvVar = "CODEQL_ACTION_ANALYSIS_KEY";
@ -540,7 +540,10 @@ export async function sendStatusReport<S extends StatusReportBase>(
    if (isHTTPError(e)) {
      switch (e.status) {
        case 403:
-          if (workflowIsTriggeredByPushEvent() && isDependabotActor()) {
+          if (
+            getWorkflowEventName() === "push" &&
+            process.env["GITHUB_ACTOR"] === "dependabot[bot]"
+          ) {
            core.setFailed(
              'Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
                "Uploading Code Scanning results requires write access. " +
@ -576,30 +579,19 @@ export async function sendStatusReport<S extends StatusReportBase>(
  }
 }

-export function workflowEventName() {
-  // If the original event is dynamic CODESCANNING_EVENT_NAME will contain the right info (push/pull_request)
-  if (process.env["GITHUB_EVENT_NAME"] === "dynamic") {
-    const value = process.env["CODESCANNING_EVENT_NAME"];
-    if (value === undefined || value.length === 0) {
-      return process.env["GITHUB_EVENT_NAME"];
-    }
-    return value;
-  }
-  return process.env["GITHUB_EVENT_NAME"];
+/**
+ * Returns the name of the event that triggered this workflow.
+ *
+ * This will be "dynamic" for default setup workflow runs.
+ */
+export function getWorkflowEventName() {
+  return getRequiredEnvParam("GITHUB_EVENT_NAME");
 }

-// Was the workflow run triggered by a `push` event, for example as opposed to a `pull_request` event.
-function workflowIsTriggeredByPushEvent() {
-  return workflowEventName() === "push";
-}
-
-// Is dependabot the actor that triggered the current workflow run.
-function isDependabotActor() {
-  return process.env["GITHUB_ACTOR"] === "dependabot[bot]";
-}
-
-// Is the current action executing a local copy (i.e. we're running a workflow on the codeql-action repo itself)
-// as opposed to running a remote action (i.e. when another repo references us)
+/**
+ * Returns whether the current workflow is executing a local copy of the Action, e.g. we're running
+ * a workflow on the codeql-action repo itself.
+ */
 export function isRunningLocalAction(): boolean {
  const relativeScriptPath = getRelativeScriptPath();
  return (
@ -607,15 +599,18 @@ export function isRunningLocalAction(): boolean {
  );
 }

-// Get the location where the action is running from.
-// This can be used to get the actions name or tell if we're running a local action.
+/**
+ * Get the location where the Action is running from.
+ *
+ * This can be used to get the Action's name or tell if we're running a local Action.
+ */
 export function getRelativeScriptPath(): string {
  const runnerTemp = getRequiredEnvParam("RUNNER_TEMP");
  const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions");
  return path.relative(actionsDirectory, __filename);
 }

-// Reads the contents of GITHUB_EVENT_PATH as a JSON object
+/** Returns the contents of `GITHUB_EVENT_PATH` as a JSON object. */
 function getWorkflowEvent(): any {
  const eventJsonFile = getRequiredEnvParam("GITHUB_EVENT_PATH");
  try {
@ -631,10 +626,13 @@ function removeRefsHeadsPrefix(ref: string): string {
  return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
 }

-// Returns whether we are analyzing the default branch for the repository.
-// For cases where the repository information might not be available (e.g.,
-// dynamic workflows), this can be forced by the environment variable
-// CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH.
+/**
+ * Returns whether we are analyzing the default branch for the repository.
+ *
+ * This first checks the environment variable `CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH`. This
+ * environment variable can be set in cases where repository information might not be available, for
+ * example dynamic workflows.
+ */
 export async function isAnalyzingDefaultBranch(): Promise<boolean> {
  if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
    return true;
@ -647,7 +645,7 @@ export async function isAnalyzingDefaultBranch(): Promise<boolean> {
  const event = getWorkflowEvent();
  let defaultBranch = event?.repository?.default_branch;

-  if (process.env.GITHUB_EVENT_NAME === "schedule") {
+  if (getWorkflowEventName() === "schedule") {
    defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
  }

@ -687,7 +685,10 @@ export async function printDebugLogs(config: Config) {

 export type UploadKind = "always" | "failure-only" | "never";

-// Parses the `upload` input into an `UploadKind`, converting unspecified and deprecated upload inputs appropriately.
+/**
+ * Parses the `upload` input into an `UploadKind`, converting unspecified and deprecated upload
+ * inputs appropriately.
+ */
 export function getUploadValue(input: string | undefined): UploadKind {
  switch (input) {
    case undefined:
--- a/src/trap-caching.ts
+++ b/src/trap-caching.ts
@ -99,7 +99,7 @@ export async function downloadTrapCaches(
  let baseSha = "unknown";
  const eventPath = process.env.GITHUB_EVENT_PATH;
  if (
-    actionsUtil.workflowEventName() === "pull_request" &&
+    actionsUtil.getWorkflowEventName() === "pull_request" &&
    eventPath !== undefined
  ) {
    const event = JSON.parse(fs.readFileSync(path.resolve(eventPath), "utf-8"));
--- a/src/upload-lib.ts
+++ b/src/upload-lib.ts
@ -293,7 +293,7 @@ export function buildPayload(
    base_sha: undefined as undefined | string,
  };

-  if (actionsUtil.workflowEventName() === "pull_request") {
+  if (actionsUtil.getWorkflowEventName() === "pull_request") {
    if (
      commitOid === util.getRequiredEnvParam("GITHUB_SHA") &&
      mergeBaseCommitOid