Pull out a dedicated status report file

lib/actions-util.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getActionsStatus = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -220,15 +220,6 @@ function getRefFromEnv() {
     }
     return refEnv;
 }
-function getActionsStatus(error, otherFailureCause) {
-    if (error || otherFailureCause) {
-        return error instanceof util_1.UserError ? "user-error" : "failure";
-    }
-    else {
-        return "success";
-    }
-}
-exports.getActionsStatus = getActionsStatus;
 function getActionVersion() {
     return pkg.version;
 }

lib/actions-util.test.js

@@ -213,37 +213,4 @@ const util_1 = require("./util");
         getAdditionalInputStub.restore();
     });
 });
-(0, ava_1.default)("createStatusReportBase", async (t) => {
-    await (0, util_1.withTmpDir)(async (tmpDir) => {
-        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        process.env["GITHUB_REF"] = "refs/heads/main";
-        process.env["GITHUB_SHA"] = "a".repeat(40);
-        process.env["GITHUB_RUN_ID"] = "100";
-        process.env["GITHUB_RUN_ATTEMPT"] = "2";
-        process.env["GITHUB_REPOSITORY"] = "octocat/HelloWorld";
-        process.env["CODEQL_ACTION_ANALYSIS_KEY"] = "analysis-key";
-        process.env["RUNNER_OS"] = "macOS";
-        const getRequiredInput = sinon.stub(actionsUtil, "getRequiredInput");
-        getRequiredInput.withArgs("matrix").resolves("input/matrix");
-        const statusReport = await (0, api_client_1.createStatusReportBase)("init", "failure", new Date("May 19, 2023 05:19:00"), "failure cause", "exception stack trace");
-        t.assert(typeof statusReport.job_run_uuid === "string");
-        t.assert(statusReport.workflow_run_id === 100);
-        t.assert(statusReport.workflow_run_attempt === 2);
-        t.assert(statusReport.workflow_name === (process.env["GITHUB_WORKFLOW"] || ""));
-        t.assert(statusReport.job_name === (process.env["GITHUB_JOB"] || ""));
-        t.assert(statusReport.analysis_key === "analysis-key");
-        t.assert(statusReport.commit_oid === process.env["GITHUB_SHA"]);
-        t.assert(statusReport.ref === process.env["GITHUB_REF"]);
-        t.assert(statusReport.action_name === "init");
-        t.assert(statusReport.action_oid === "unknown");
-        t.assert(statusReport.started_at === process.env[environment_1.EnvVar.WORKFLOW_STARTED_AT]);
-        t.assert(statusReport.action_started_at ===
-            new Date("May 19, 2023 05:19:00").toISOString());
-        t.assert(statusReport.status === "failure");
-        t.assert(statusReport.cause === "failure cause");
-        t.assert(statusReport.exception === "exception stack trace");
-        t.assert(statusReport.runner_os === process.env["RUNNER_OS"]);
-        t.assert(typeof statusReport.action_version === "string");
-    });
-});
 //# sourceMappingURL=actions-util.test.js.map

lib/analyze-action-env.test.js

@@ -32,6 +32,7 @@ const actionsUtil = __importStar(require("./actions-util"));
 const analyze = __importStar(require("./analyze"));
 const api = __importStar(require("./api-client"));
 const configUtils = __importStar(require("./config-utils"));
+const statusReport = __importStar(require("./status-report"));
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
 (0, testing_utils_1.setupTests)(ava_1.default);
@@ -47,9 +48,9 @@ const util = __importStar(require("./util"));
         process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
         process.env["GITHUB_API_URL"] = "https://api.github.com";
         sinon
-            .stub(api, "createStatusReportBase")
+            .stub(statusReport, "createStatusReportBase")
             .resolves({});
-        sinon.stub(api, "sendStatusReport").resolves(true);
+        sinon.stub(statusReport, "sendStatusReport").resolves(true);
         sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
         const gitHubVersion = {
             type: util.GitHubVariant.DOTCOM,

lib/analyze-action-env.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,GAAG,EAAE,wBAAwB,CAAC;aACnC,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-input.test.js

@@ -32,6 +32,7 @@ const actionsUtil = __importStar(require("./actions-util"));
 const analyze = __importStar(require("./analyze"));
 const api = __importStar(require("./api-client"));
 const configUtils = __importStar(require("./config-utils"));
+const statusReport = __importStar(require("./status-report"));
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
 (0, testing_utils_1.setupTests)(ava_1.default);
@@ -47,9 +48,9 @@ const util = __importStar(require("./util"));
         process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
         process.env["GITHUB_API_URL"] = "https://api.github.com";
         sinon
-            .stub(api, "createStatusReportBase")
+            .stub(statusReport, "createStatusReportBase")
             .resolves({});
-        sinon.stub(api, "sendStatusReport").resolves(true);
+        sinon.stub(statusReport, "sendStatusReport").resolves(true);
         const gitHubVersion = {
             type: util.GitHubVariant.DOTCOM,
         };

lib/analyze-action-input.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,GAAG,EAAE,wBAAwB,CAAC;aACnC,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action.js

@@ -34,7 +34,6 @@ const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
 const analyze_1 = require("./analyze");
 const api_client_1 = require("./api-client");
-const api = __importStar(require("./api-client"));
 const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
@@ -44,14 +43,16 @@ const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
+const statusReport = __importStar(require("./status-report"));
+const status_report_1 = require("./status-report");
 const trap_caching_1 = require("./trap-caching");
 const uploadLib = __importStar(require("./upload-lib"));
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
 async function sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger) {
-    const status = actionsUtil.getActionsStatus(error, stats?.analyze_failure_language);
+    const status = (0, status_report_1.getActionsStatus)(error, stats?.analyze_failure_language);
-    const statusReportBase = await api.createStatusReportBase("finish", status, startedAt, error?.message, error?.stack);
+    const statusReportBase = await (0, status_report_1.createStatusReportBase)("finish", status, startedAt, error?.message, error?.stack);
-    const statusReport = {
+    const report = {
         ...statusReportBase,
         ...(config
             ? {
@@ -63,14 +64,14 @@ async function sendStatusReport(startedAt, config, stats, error, trapCacheUpload
     };
     if (config && didUploadTrapCaches) {
         const trapCacheUploadStatusReport = {
-            ...statusReport,
+            ...report,
             trap_cache_upload_duration_ms: Math.round(trapCacheUploadTime || 0),
             trap_cache_upload_size_bytes: Math.round(await (0, trap_caching_1.getTotalCacheSize)(config.trapCaches, logger)),
         };
-        await api.sendStatusReport(trapCacheUploadStatusReport);
+        await statusReport.sendStatusReport(trapCacheUploadStatusReport);
     }
     else {
-        await api.sendStatusReport(statusReport);
+        await statusReport.sendStatusReport(report);
     }
 }
 exports.sendStatusReport = sendStatusReport;
@@ -146,7 +147,7 @@ async function run() {
     util.initializeEnvironment(actionsUtil.getActionVersion());
     const logger = (0, logging_1.getActionsLogger)();
     try {
-        if (!(await api.sendStatusReport(await api.createStatusReportBase("finish", "starting", startedAt)))) {
+        if (!(await statusReport.sendStatusReport(await (0, status_report_1.createStatusReportBase)("finish", "starting", startedAt)))) {
             return;
         }
         config = await (0, config_utils_1.getConfig)(actionsUtil.getTemporaryDirectory(), logger);

lib/api-client.js

@@ -26,14 +26,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRelativePath = exports.sendStatusReport = exports.createStatusReportBase = exports.getGitHubVersion = exports.getGitHubVersionFromApi = exports.getApiClientWithExternalAuth = exports.getApiClient = exports.getApiDetails = exports.DisallowedAPIVersionReason = void 0;
+exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRelativePath = exports.getGitHubVersion = exports.getGitHubVersionFromApi = exports.getApiClientWithExternalAuth = exports.getApiClient = exports.getApiDetails = exports.DisallowedAPIVersionReason = void 0;
-const os = __importStar(require("os"));
 const core = __importStar(require("@actions/core"));
 const githubUtils = __importStar(require("@actions/github/lib/utils"));
 const retry = __importStar(require("@octokit/plugin-retry"));
 const console_log_level_1 = __importDefault(require("console-log-level"));
 const actions_util_1 = require("./actions-util");
-const environment_1 = require("./environment");
 const util_1 = require("./util");
 const GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
 var DisallowedAPIVersionReason;
@@ -104,159 +102,6 @@ async function getGitHubVersion() {
     return cachedGitHubVersion;
 }
 exports.getGitHubVersion = getGitHubVersion;
-/**
- * Compose a StatusReport.
- *
- * @param actionName The name of the action, e.g. 'init', 'finish', 'upload-sarif'
- * @param status The status. Must be 'success', 'failure', or 'starting'
- * @param startedAt The time this action started executing.
- * @param cause  Cause of failure (only supply if status is 'failure')
- * @param exception Exception (only supply if status is 'failure')
- */
-async function createStatusReportBase(actionName, status, actionStartedAt, cause, exception) {
-    const commitOid = (0, actions_util_1.getOptionalInput)("sha") || process.env["GITHUB_SHA"] || "";
-    const ref = await (0, actions_util_1.getRef)();
-    const jobRunUUID = process.env[environment_1.EnvVar.JOB_RUN_UUID] || "";
-    const workflowRunID = (0, actions_util_1.getWorkflowRunID)();
-    const workflowRunAttempt = (0, actions_util_1.getWorkflowRunAttempt)();
-    const workflowName = process.env["GITHUB_WORKFLOW"] || "";
-    const jobName = process.env["GITHUB_JOB"] || "";
-    const analysis_key = await getAnalysisKey();
-    let workflowStartedAt = process.env[environment_1.EnvVar.WORKFLOW_STARTED_AT];
-    if (workflowStartedAt === undefined) {
-        workflowStartedAt = actionStartedAt.toISOString();
-        core.exportVariable(environment_1.EnvVar.WORKFLOW_STARTED_AT, workflowStartedAt);
-    }
-    const runnerOs = (0, util_1.getRequiredEnvParam)("RUNNER_OS");
-    const codeQlCliVersion = (0, util_1.getCachedCodeQlVersion)();
-    const actionRef = process.env["GITHUB_ACTION_REF"];
-    const testingEnvironment = process.env[environment_1.EnvVar.TESTING_ENVIRONMENT] || "";
-    // re-export the testing environment variable so that it is available to subsequent steps,
-    // even if it was only set for this step
-    if (testingEnvironment !== "") {
-        core.exportVariable(environment_1.EnvVar.TESTING_ENVIRONMENT, testingEnvironment);
-    }
-    const statusReport = {
-        job_run_uuid: jobRunUUID,
-        workflow_run_id: workflowRunID,
-        workflow_run_attempt: workflowRunAttempt,
-        workflow_name: workflowName,
-        job_name: jobName,
-        analysis_key,
-        commit_oid: commitOid,
-        ref,
-        action_name: actionName,
-        action_ref: actionRef,
-        action_oid: "unknown",
-        started_at: workflowStartedAt,
-        action_started_at: actionStartedAt.toISOString(),
-        status,
-        testing_environment: testingEnvironment,
-        runner_os: runnerOs,
-        action_version: (0, actions_util_1.getActionVersion)(),
-    };
-    // Add optional parameters
-    if (cause) {
-        statusReport.cause = cause;
-    }
-    if (exception) {
-        statusReport.exception = exception;
-    }
-    if (status === "success" ||
-        status === "failure" ||
-        status === "aborted" ||
-        status === "user-error") {
-        statusReport.completed_at = new Date().toISOString();
-    }
-    const matrix = (0, actions_util_1.getRequiredInput)("matrix");
-    if (matrix) {
-        statusReport.matrix_vars = matrix;
-    }
-    if ("RUNNER_ARCH" in process.env) {
-        // RUNNER_ARCH is available only in GHES 3.4 and later
-        // Values other than X86, X64, ARM, or ARM64 are discarded server side
-        statusReport.runner_arch = process.env["RUNNER_ARCH"];
-    }
-    if (runnerOs === "Windows" || runnerOs === "macOS") {
-        statusReport.runner_os_release = os.release();
-    }
-    if (codeQlCliVersion !== undefined) {
-        statusReport.codeql_version = codeQlCliVersion;
-    }
-    return statusReport;
-}
-exports.createStatusReportBase = createStatusReportBase;
-const GENERIC_403_MSG = "The repo on which this action is running is not opted-in to CodeQL code scanning.";
-const GENERIC_404_MSG = "Not authorized to use the CodeQL code scanning feature on this repo.";
-const OUT_OF_DATE_MSG = "CodeQL Action is out-of-date. Please upgrade to the latest version of codeql-action.";
-const INCOMPATIBLE_MSG = "CodeQL Action version is incompatible with the code scanning endpoint. Please update to a compatible version of codeql-action.";
-/**
- * Send a status report to the code_scanning/analysis/status endpoint.
- *
- * Optionally checks the response from the API endpoint and sets the action
- * as failed if the status report failed. This is only expected to be used
- * when sending a 'starting' report.
- *
- * Returns whether sending the status report was successful of not.
- */
-async function sendStatusReport(statusReport) {
-    const statusReportJSON = JSON.stringify(statusReport);
-    core.debug(`Sending status report: ${statusReportJSON}`);
-    // If in test mode we don't want to upload the results
-    if ((0, util_1.isInTestMode)()) {
-        core.debug("In test mode. Status reports are not uploaded.");
-        return true;
-    }
-    const nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY");
-    const [owner, repo] = nwo.split("/");
-    const client = getApiClient();
-    try {
-        await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", {
-            owner,
-            repo,
-            data: statusReportJSON,
-        });
-        return true;
-    }
-    catch (e) {
-        console.log(e);
-        if ((0, util_1.isHTTPError)(e)) {
-            switch (e.status) {
-                case 403:
-                    if ((0, actions_util_1.getWorkflowEventName)() === "push" &&
-                        process.env["GITHUB_ACTOR"] === "dependabot[bot]") {
-                        core.setFailed('Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
-                            "Uploading Code Scanning results requires write access. " +
-                            'To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. ' +
-                            "See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.");
-                    }
-                    else {
-                        core.setFailed(e.message || GENERIC_403_MSG);
-                    }
-                    return false;
-                case 404:
-                    core.setFailed(GENERIC_404_MSG);
-                    return false;
-                case 422:
-                    // schema incompatibility when reporting status
-                    // this means that this action version is no longer compatible with the API
-                    // we still want to continue as it is likely the analysis endpoint will work
-                    if ((0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL") !== util_1.GITHUB_DOTCOM_URL) {
-                        core.debug(INCOMPATIBLE_MSG);
-                    }
-                    else {
-                        core.debug(OUT_OF_DATE_MSG);
-                    }
-                    return true;
-            }
-        }
-        // something else has gone wrong and the request/response will be logged by octokit
-        // it's possible this is a transient error and we should continue scanning
-        core.error("An unexpected error occurred when sending code scanning status report.");
-        return true;
-    }
-}
-exports.sendStatusReport = sendStatusReport;
 /**
  * Get the path of the currently executing workflow relative to the repository root.
  */

lib/autobuild-action.js

@@ -31,17 +31,18 @@ const configUtils = __importStar(require("./config-utils"));
 const environment_1 = require("./environment");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
+const status_report_1 = require("./status-report");
 const util_1 = require("./util");
 async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguage, cause) {
     (0, util_1.initializeEnvironment)((0, actions_util_1.getActionVersion)());
-    const status = (0, actions_util_1.getActionsStatus)(cause, failingLanguage);
+    const status = (0, status_report_1.getActionsStatus)(cause, failingLanguage);
-    const statusReportBase = await (0, api_client_1.createStatusReportBase)("autobuild", status, startedAt, cause?.message, cause?.stack);
+    const statusReportBase = await (0, status_report_1.createStatusReportBase)("autobuild", status, startedAt, cause?.message, cause?.stack);
     const statusReport = {
         ...statusReportBase,
         autobuild_languages: allLanguages.join(","),
         autobuild_failure: failingLanguage,
     };
-    await (0, api_client_1.sendStatusReport)(statusReport);
+    await (0, status_report_1.sendStatusReport)(statusReport);
 }
 async function run() {
     const startedAt = new Date();
@@ -49,7 +50,7 @@ async function run() {
     let currentLanguage = undefined;
     let languages = undefined;
     try {
-        if (!(await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("autobuild", "starting", startedAt)))) {
+        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("autobuild", "starting", startedAt)))) {
             return;
         }
         const gitHubVersion = await (0, api_client_1.getGitHubVersion)();

lib/autobuild-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAMwB;AACxB,6CAIsB;AACtB,2CAAwE;AACxE,4DAA8C;AAC9C,+CAAuC;AACvC,2CAAuC;AACvC,uCAA6C;AAC7C,iCAIgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,mCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,6BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,6BAAgB,EACtB,MAAM,IAAA,mCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;iBAC1D;aACF;SACF;KACF;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KACxE;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAC9C,+CAAuC;AACvC,2CAAuC;AACvC,uCAA6C;AAC7C,mDAKyB;AACzB,iCAIgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,gCAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;iBAC1D;aACF;SACF;KACF;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KACxE;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/init-action-post.js

@@ -36,6 +36,7 @@ const feature_flags_1 = require("./feature-flags");
 const initActionPostHelper = __importStar(require("./init-action-post-helper"));
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
+const status_report_1 = require("./status-report");
 const util_1 = require("./util");
 async function runWrapper() {
     const startedAt = new Date();
@@ -51,15 +52,15 @@ async function runWrapper() {
     catch (unwrappedError) {
         const error = (0, util_1.wrapError)(unwrappedError);
         core.setFailed(error.message);
-        await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("init-post", (0, actions_util_1.getActionsStatus)(error), startedAt, error.message, error.stack));
+        await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("init-post", (0, status_report_1.getActionsStatus)(error), startedAt, error.message, error.stack));
         return;
     }
-    const statusReportBase = await (0, api_client_1.createStatusReportBase)("init-post", "success", startedAt);
+    const statusReportBase = await (0, status_report_1.createStatusReportBase)("init-post", "success", startedAt);
     const statusReport = {
         ...statusReportBase,
         ...uploadFailedSarifResult,
     };
-    await (0, api_client_1.sendStatusReport)(statusReport);
+    await (0, status_report_1.sendStatusReport)(statusReport);
 }
 void runWrapper();
 //# sourceMappingURL=init-action-post.js.map

lib/init-action-post.js.map

@@ -1 +1 @@
-{"version":3,"file":"init-action-post.js","sourceRoot":"","sources":["../src/init-action-post.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AAEtC,iDAKwB;AACxB,6CAIsB;AACtB,kEAAoD;AACpD,mDAA2C;AAC3C,gFAAkE;AAClE,uCAA6C;AAC7C,6CAAkD;AAClD,iCAIgB;AAMhB,KAAK,UAAU,UAAU;IACvB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,uBAES,CAAC;IACd,IAAI;QACF,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;QAClC,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;QACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;QAEF,uBAAuB,GAAG,MAAM,oBAAoB,CAAC,GAAG,CACtD,cAAc,CAAC,iCAAiC,EAChD,cAAc,CAAC,uBAAuB,EACtC,6BAAc,EACd,aAAa,EACb,QAAQ,EACR,MAAM,CACP,CAAC;KACH;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE9B,MAAM,IAAA,6BAAgB,EACpB,MAAM,IAAA,mCAAsB,EAC1B,WAAW,EACX,IAAA,+BAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,gBAAgB,GAAG,MAAM,IAAA,mCAAsB,EACnD,WAAW,EACX,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAAyB;QACzC,GAAG,gBAAgB;QACnB,GAAG,uBAAuB;KAC3B,CAAC;IACF,MAAM,IAAA,6BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"init-action-post.js","sourceRoot":"","sources":["../src/init-action-post.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AAEtC,iDAAuE;AACvE,6CAAgD;AAChD,kEAAoD;AACpD,mDAA2C;AAC3C,gFAAkE;AAClE,uCAA6C;AAC7C,6CAAkD;AAClD,mDAKyB;AACzB,iCAIgB;AAMhB,KAAK,UAAU,UAAU;IACvB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,uBAES,CAAC;IACd,IAAI;QACF,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;QAClC,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;QACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;QAEF,uBAAuB,GAAG,MAAM,oBAAoB,CAAC,GAAG,CACtD,cAAc,CAAC,iCAAiC,EAChD,cAAc,CAAC,uBAAuB,EACtC,6BAAc,EACd,aAAa,EACb,QAAQ,EACR,MAAM,CACP,CAAC;KACH;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE9B,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,IAAA,gCAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,WAAW,EACX,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAAyB;QACzC,GAAG,gBAAgB;QACnB,GAAG,uBAAuB;KAC3B,CAAC;IACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/init-action.js

@@ -36,11 +36,12 @@ const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
 const setup_codeql_1 = require("./setup-codeql");
+const status_report_1 = require("./status-report");
 const trap_caching_1 = require("./trap-caching");
 const util_1 = require("./util");
 const workflow_1 = require("./workflow");
 async function sendCompletedStatusReport(startedAt, config, toolsDownloadDurationMs, toolsFeatureFlagsValid, toolsSource, toolsVersion, logger, error) {
-    const statusReportBase = await (0, api_client_1.createStatusReportBase)("init", (0, actions_util_1.getActionsStatus)(error), startedAt, error?.message, error?.stack);
+    const statusReportBase = await (0, status_report_1.createStatusReportBase)("init", (0, status_report_1.getActionsStatus)(error), startedAt, error?.message, error?.stack);
     const workflowLanguages = (0, actions_util_1.getOptionalInput)("languages");
     const initStatusReport = {
         ...statusReportBase,
@@ -88,13 +89,13 @@ async function sendCompletedStatusReport(startedAt, config, toolsDownloadDuratio
             trap_cache_download_size_bytes: Math.round(await (0, trap_caching_1.getTotalCacheSize)(config.trapCaches, logger)),
             trap_cache_download_duration_ms: Math.round(config.trapCacheDownloadTime),
         };
-        await (0, api_client_1.sendStatusReport)({
+        await (0, status_report_1.sendStatusReport)({
             ...initWithConfigStatusReport,
             ...initToolsDownloadFields,
         });
     }
     else {
-        await (0, api_client_1.sendStatusReport)({ ...initStatusReport, ...initToolsDownloadFields });
+        await (0, status_report_1.sendStatusReport)({ ...initStatusReport, ...initToolsDownloadFields });
     }
 }
 async function run() {
@@ -121,7 +122,7 @@ async function run() {
     core.exportVariable(environment_1.EnvVar.JOB_RUN_UUID, (0, uuid_1.v4)());
     try {
         const workflowErrors = await (0, workflow_1.validateWorkflow)(logger);
-        if (!(await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("init", "starting", startedAt, workflowErrors)))) {
+        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("init", "starting", startedAt, workflowErrors)))) {
             return;
         }
         const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(gitHubVersion.type);
@@ -156,7 +157,7 @@ async function run() {
     catch (unwrappedError) {
         const error = (0, util_1.wrapError)(unwrappedError);
         core.setFailed(error.message);
-        await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("init", error instanceof util_1.UserError ? "user-error" : "aborted", startedAt, error.message, error.stack));
+        await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("init", error instanceof util_1.UserError ? "user-error" : "aborted", startedAt, error.message, error.stack));
         return;
     }
     try {

lib/resolve-environment-action.js

@@ -31,6 +31,7 @@ const configUtils = __importStar(require("./config-utils"));
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const resolve_environment_1 = require("./resolve-environment");
+const status_report_1 = require("./status-report");
 const util_1 = require("./util");
 const ACTION_NAME = "resolve-environment";
 const ENVIRONMENT_OUTPUT_NAME = "environment";
@@ -39,7 +40,7 @@ async function run() {
     const logger = (0, logging_1.getActionsLogger)();
     const language = (0, languages_1.resolveAlias)((0, actions_util_1.getRequiredInput)("language"));
     try {
-        if (!(await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)(ACTION_NAME, "starting", startedAt)))) {
+        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)(ACTION_NAME, "starting", startedAt)))) {
             return;
         }
         const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
@@ -63,11 +64,11 @@ async function run() {
         else {
             // For any other error types, something has more seriously gone wrong and we fail.
             core.setFailed(`Failed to resolve a build environment suitable for automatically building your code. ${error.message}`);
-            await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)(ACTION_NAME, (0, actions_util_1.getActionsStatus)(error), startedAt, error.message, error.stack));
+            await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)(ACTION_NAME, (0, status_report_1.getActionsStatus)(error), startedAt, error.message, error.stack));
         }
         return;
     }
-    await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)(ACTION_NAME, "success", startedAt));
+    await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)(ACTION_NAME, "success", startedAt));
 }
 async function runWrapper() {
     try {

lib/resolve-environment-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"resolve-environment-action.js","sourceRoot":"","sources":["../src/resolve-environment-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAKwB;AACxB,6CAIsB;AACtB,qCAAkD;AAClD,4DAA8C;AAC9C,2CAAqD;AACrD,uCAA6C;AAC7C,+DAAmE;AACnE,iCAA+E;AAE/E,MAAM,WAAW,GAAG,qBAAqB,CAAC;AAC1C,MAAM,uBAAuB,GAAG,aAAa,CAAC;AAE9C,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,QAAQ,GAAa,IAAA,wBAAY,EAAC,IAAA,+BAAgB,EAAC,UAAU,CAAC,CAAC,CAAC;IAEtE,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,6BAAgB,EACtB,MAAM,IAAA,mCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,IAAA,gDAA0B,EAC7C,MAAM,CAAC,SAAS,EAChB,MAAM,EACN,gBAAgB,EAChB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;KACjD;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QAExC,IAAI,KAAK,YAAY,+BAAsB,EAAE;YAC3C,6DAA6D;YAC7D,qEAAqE;YACrE,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;SACH;aAAM;YACL,kFAAkF;YAClF,IAAI,CAAC,SAAS,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;YAEF,MAAM,IAAA,6BAAgB,EACpB,MAAM,IAAA,mCAAsB,EAC1B,WAAW,EACX,IAAA,+BAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;SACH;QAED,OAAO;KACR;IAED,MAAM,IAAA,6BAAgB,EACpB,MAAM,IAAA,mCAAsB,EAAC,WAAW,EAAE,SAAS,EAAE,SAAS,CAAC,CAChE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,mBAAmB,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KAC7E;IACD,MAAM,IAAA,sBAAe,GAAE,CAAC;AAC1B,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"resolve-environment-action.js","sourceRoot":"","sources":["../src/resolve-environment-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,qCAAkD;AAClD,4DAA8C;AAC9C,2CAAqD;AACrD,uCAA6C;AAC7C,+DAAmE;AACnE,mDAIyB;AACzB,iCAA+E;AAE/E,MAAM,WAAW,GAAG,qBAAqB,CAAC;AAC1C,MAAM,uBAAuB,GAAG,aAAa,CAAC;AAE9C,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,QAAQ,GAAa,IAAA,wBAAY,EAAC,IAAA,+BAAgB,EAAC,UAAU,CAAC,CAAC,CAAC;IAEtE,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,IAAA,gDAA0B,EAC7C,MAAM,CAAC,SAAS,EAChB,MAAM,EACN,gBAAgB,EAChB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;KACjD;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QAExC,IAAI,KAAK,YAAY,+BAAsB,EAAE;YAC3C,6DAA6D;YAC7D,qEAAqE;YACrE,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;SACH;aAAM;YACL,kFAAkF;YAClF,IAAI,CAAC,SAAS,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;YAEF,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,IAAA,gCAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;SACH;QAED,OAAO;KACR;IAED,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAAC,WAAW,EAAE,SAAS,EAAE,SAAS,CAAC,CAChE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,mBAAmB,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KAC7E;IACD,MAAM,IAAA,sBAAe,GAAE,CAAC;AAC1B,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/status-report.js

@@ -0,0 +1,195 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sendStatusReport = exports.createStatusReportBase = exports.getActionsStatus = void 0;
+const os = __importStar(require("os"));
+const core = __importStar(require("@actions/core"));
+const actions_util_1 = require("./actions-util");
+const api_client_1 = require("./api-client");
+const environment_1 = require("./environment");
+const util_1 = require("./util");
+function getActionsStatus(error, otherFailureCause) {
+    if (error || otherFailureCause) {
+        return error instanceof util_1.UserError ? "user-error" : "failure";
+    }
+    else {
+        return "success";
+    }
+}
+exports.getActionsStatus = getActionsStatus;
+/**
+ * Compose a StatusReport.
+ *
+ * @param actionName The name of the action, e.g. 'init', 'finish', 'upload-sarif'
+ * @param status The status. Must be 'success', 'failure', or 'starting'
+ * @param startedAt The time this action started executing.
+ * @param cause  Cause of failure (only supply if status is 'failure')
+ * @param exception Exception (only supply if status is 'failure')
+ */
+async function createStatusReportBase(actionName, status, actionStartedAt, cause, exception) {
+    const commitOid = (0, actions_util_1.getOptionalInput)("sha") || process.env["GITHUB_SHA"] || "";
+    const ref = await (0, actions_util_1.getRef)();
+    const jobRunUUID = process.env[environment_1.EnvVar.JOB_RUN_UUID] || "";
+    const workflowRunID = (0, actions_util_1.getWorkflowRunID)();
+    const workflowRunAttempt = (0, actions_util_1.getWorkflowRunAttempt)();
+    const workflowName = process.env["GITHUB_WORKFLOW"] || "";
+    const jobName = process.env["GITHUB_JOB"] || "";
+    const analysis_key = await (0, api_client_1.getAnalysisKey)();
+    let workflowStartedAt = process.env[environment_1.EnvVar.WORKFLOW_STARTED_AT];
+    if (workflowStartedAt === undefined) {
+        workflowStartedAt = actionStartedAt.toISOString();
+        core.exportVariable(environment_1.EnvVar.WORKFLOW_STARTED_AT, workflowStartedAt);
+    }
+    const runnerOs = (0, util_1.getRequiredEnvParam)("RUNNER_OS");
+    const codeQlCliVersion = (0, util_1.getCachedCodeQlVersion)();
+    const actionRef = process.env["GITHUB_ACTION_REF"];
+    const testingEnvironment = process.env[environment_1.EnvVar.TESTING_ENVIRONMENT] || "";
+    // re-export the testing environment variable so that it is available to subsequent steps,
+    // even if it was only set for this step
+    if (testingEnvironment !== "") {
+        core.exportVariable(environment_1.EnvVar.TESTING_ENVIRONMENT, testingEnvironment);
+    }
+    const statusReport = {
+        job_run_uuid: jobRunUUID,
+        workflow_run_id: workflowRunID,
+        workflow_run_attempt: workflowRunAttempt,
+        workflow_name: workflowName,
+        job_name: jobName,
+        analysis_key,
+        commit_oid: commitOid,
+        ref,
+        action_name: actionName,
+        action_ref: actionRef,
+        action_oid: "unknown",
+        started_at: workflowStartedAt,
+        action_started_at: actionStartedAt.toISOString(),
+        status,
+        testing_environment: testingEnvironment,
+        runner_os: runnerOs,
+        action_version: (0, actions_util_1.getActionVersion)(),
+    };
+    // Add optional parameters
+    if (cause) {
+        statusReport.cause = cause;
+    }
+    if (exception) {
+        statusReport.exception = exception;
+    }
+    if (status === "success" ||
+        status === "failure" ||
+        status === "aborted" ||
+        status === "user-error") {
+        statusReport.completed_at = new Date().toISOString();
+    }
+    const matrix = (0, actions_util_1.getRequiredInput)("matrix");
+    if (matrix) {
+        statusReport.matrix_vars = matrix;
+    }
+    if ("RUNNER_ARCH" in process.env) {
+        // RUNNER_ARCH is available only in GHES 3.4 and later
+        // Values other than X86, X64, ARM, or ARM64 are discarded server side
+        statusReport.runner_arch = process.env["RUNNER_ARCH"];
+    }
+    if (runnerOs === "Windows" || runnerOs === "macOS") {
+        statusReport.runner_os_release = os.release();
+    }
+    if (codeQlCliVersion !== undefined) {
+        statusReport.codeql_version = codeQlCliVersion;
+    }
+    return statusReport;
+}
+exports.createStatusReportBase = createStatusReportBase;
+const GENERIC_403_MSG = "The repo on which this action is running is not opted-in to CodeQL code scanning.";
+const GENERIC_404_MSG = "Not authorized to use the CodeQL code scanning feature on this repo.";
+const OUT_OF_DATE_MSG = "CodeQL Action is out-of-date. Please upgrade to the latest version of codeql-action.";
+const INCOMPATIBLE_MSG = "CodeQL Action version is incompatible with the code scanning endpoint. Please update to a compatible version of codeql-action.";
+/**
+ * Send a status report to the code_scanning/analysis/status endpoint.
+ *
+ * Optionally checks the response from the API endpoint and sets the action
+ * as failed if the status report failed. This is only expected to be used
+ * when sending a 'starting' report.
+ *
+ * Returns whether sending the status report was successful of not.
+ */
+async function sendStatusReport(statusReport) {
+    const statusReportJSON = JSON.stringify(statusReport);
+    core.debug(`Sending status report: ${statusReportJSON}`);
+    // If in test mode we don't want to upload the results
+    if ((0, util_1.isInTestMode)()) {
+        core.debug("In test mode. Status reports are not uploaded.");
+        return true;
+    }
+    const nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY");
+    const [owner, repo] = nwo.split("/");
+    const client = (0, api_client_1.getApiClient)();
+    try {
+        await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", {
+            owner,
+            repo,
+            data: statusReportJSON,
+        });
+        return true;
+    }
+    catch (e) {
+        console.log(e);
+        if ((0, util_1.isHTTPError)(e)) {
+            switch (e.status) {
+                case 403:
+                    if ((0, actions_util_1.getWorkflowEventName)() === "push" &&
+                        process.env["GITHUB_ACTOR"] === "dependabot[bot]") {
+                        core.setFailed('Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
+                            "Uploading Code Scanning results requires write access. " +
+                            'To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. ' +
+                            "See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.");
+                    }
+                    else {
+                        core.setFailed(e.message || GENERIC_403_MSG);
+                    }
+                    return false;
+                case 404:
+                    core.setFailed(GENERIC_404_MSG);
+                    return false;
+                case 422:
+                    // schema incompatibility when reporting status
+                    // this means that this action version is no longer compatible with the API
+                    // we still want to continue as it is likely the analysis endpoint will work
+                    if ((0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL") !== util_1.GITHUB_DOTCOM_URL) {
+                        core.debug(INCOMPATIBLE_MSG);
+                    }
+                    else {
+                        core.debug(OUT_OF_DATE_MSG);
+                    }
+                    return true;
+            }
+        }
+        // something else has gone wrong and the request/response will be logged by octokit
+        // it's possible this is a transient error and we should continue scanning
+        core.error("An unexpected error occurred when sending code scanning status report.");
+        return true;
+    }
+}
+exports.sendStatusReport = sendStatusReport;
+//# sourceMappingURL=status-report.js.map

lib/status-report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status-report.js","sourceRoot":"","sources":["../src/status-report.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,oDAAsC;AAEtC,iDAQwB;AACxB,6CAA4D;AAC5D,+CAAuC;AACvC,iCAOgB;AA4FhB,SAAgB,gBAAgB,CAC9B,KAAe,EACf,iBAA0B;IAE1B,IAAI,KAAK,IAAI,iBAAiB,EAAE;QAC9B,OAAO,KAAK,YAAY,gBAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;KAC9D;SAAM;QACL,OAAO,SAAS,CAAC;KAClB;AACH,CAAC;AATD,4CASC;AAqBD;;;;;;;;GAQG;AACI,KAAK,UAAU,sBAAsB,CAC1C,UAAsB,EACtB,MAAoB,EACpB,eAAqB,EACrB,KAAc,EACd,SAAkB;IAElB,MAAM,SAAS,GAAG,IAAA,+BAAgB,EAAC,KAAK,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,IAAA,qBAAM,GAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,IAAA,+BAAgB,GAAE,CAAC;IACzC,MAAM,kBAAkB,GAAG,IAAA,oCAAqB,GAAE,CAAC;IACnD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAChD,MAAM,YAAY,GAAG,MAAM,IAAA,2BAAc,GAAE,CAAC;IAC5C,IAAI,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,CAAC;IAChE,IAAI,iBAAiB,KAAK,SAAS,EAAE;QACnC,iBAAiB,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;KACpE;IACD,MAAM,QAAQ,GAAG,IAAA,0BAAmB,EAAC,WAAW,CAAC,CAAC;IAClD,MAAM,gBAAgB,GAAG,IAAA,6BAAsB,GAAE,CAAC;IAClD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnD,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC;IACzE,0FAA0F;IAC1F,wCAAwC;IACxC,IAAI,kBAAkB,KAAK,EAAE,EAAE;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,CAAC;KACrE;IAED,MAAM,YAAY,GAAqB;QACrC,YAAY,EAAE,UAAU;QACxB,eAAe,EAAE,aAAa;QAC9B,oBAAoB,EAAE,kBAAkB;QACxC,aAAa,EAAE,YAAY;QAC3B,QAAQ,EAAE,OAAO;QACjB,YAAY;QACZ,UAAU,EAAE,SAAS;QACrB,GAAG;QACH,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,iBAAiB;QAC7B,iBAAiB,EAAE,eAAe,CAAC,WAAW,EAAE;QAChD,MAAM;QACN,mBAAmB,EAAE,kBAAkB;QACvC,SAAS,EAAE,QAAQ;QACnB,cAAc,EAAE,IAAA,+BAAgB,GAAE;KACnC,CAAC;IAEF,0BAA0B;IAC1B,IAAI,KAAK,EAAE;QACT,YAAY,CAAC,KAAK,GAAG,KAAK,CAAC;KAC5B;IACD,IAAI,SAAS,EAAE;QACb,YAAY,CAAC,SAAS,GAAG,SAAS,CAAC;KACpC;IACD,IACE,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,YAAY,EACvB;QACA,YAAY,CAAC,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;KACtD;IACD,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE;QACV,YAAY,CAAC,WAAW,GAAG,MAAM,CAAC;KACnC;IACD,IAAI,aAAa,IAAI,OAAO,CAAC,GAAG,EAAE;QAChC,sDAAsD;QACtD,sEAAsE;QACtE,YAAY,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KACvD;IACD,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,OAAO,EAAE;QAClD,YAAY,CAAC,iBAAiB,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;KAC/C;IACD,IAAI,gBAAgB,KAAK,SAAS,EAAE;QAClC,YAAY,CAAC,cAAc,GAAG,gBAAgB,CAAC;KAChD;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAlFD,wDAkFC;AAED,MAAM,eAAe,GACnB,mFAAmF,CAAC;AACtF,MAAM,eAAe,GACnB,sEAAsE,CAAC;AACzE,MAAM,eAAe,GACnB,sFAAsF,CAAC;AACzF,MAAM,gBAAgB,GACpB,gIAAgI,CAAC;AAEnI;;;;;;;;GAQG;AACI,KAAK,UAAU,gBAAgB,CACpC,YAAe;IAEf,MAAM,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACtD,IAAI,CAAC,KAAK,CAAC,0BAA0B,gBAAgB,EAAE,CAAC,CAAC;IACzD,sDAAsD;IACtD,IAAI,IAAA,mBAAY,GAAE,EAAE;QAClB,IAAI,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC;KACb;IAED,MAAM,GAAG,GAAG,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC;IACrD,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAE9B,IAAI;QACF,MAAM,MAAM,CAAC,OAAO,CAClB,uDAAuD,EACvD;YACE,KAAK;YACL,IAAI;YACJ,IAAI,EAAE,gBAAgB;SACvB,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,IAAA,kBAAW,EAAC,CAAC,CAAC,EAAE;YAClB,QAAQ,CAAC,CAAC,MAAM,EAAE;gBAChB,KAAK,GAAG;oBACN,IACE,IAAA,mCAAoB,GAAE,KAAK,MAAM;wBACjC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,EACjD;wBACA,IAAI,CAAC,SAAS,CACZ,mFAAmF;4BACjF,yDAAyD;4BACzD,iLAAiL;4BACjL,8JAA8J,CACjK,CAAC;qBACH;yBAAM;wBACL,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,IAAI,eAAe,CAAC,CAAC;qBAC9C;oBACD,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;oBAChC,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,+CAA+C;oBAC/C,2EAA2E;oBAC3E,4EAA4E;oBAC5E,IAAI,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,KAAK,wBAAiB,EAAE;wBAClE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;qBAC9B;yBAAM;wBACL,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;qBAC7B;oBACD,OAAO,IAAI,CAAC;aACf;SACF;QAED,mFAAmF;QACnF,0EAA0E;QAC1E,IAAI,CAAC,KAAK,CACR,wEAAwE,CACzE,CAAC;QACF,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AApED,4CAoEC"}

lib/status-report.test.js

@@ -0,0 +1,70 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const sinon = __importStar(require("sinon"));
+const actionsUtil = __importStar(require("./actions-util"));
+const environment_1 = require("./environment");
+const status_report_1 = require("./status-report");
+const testing_utils_1 = require("./testing-utils");
+const util_1 = require("./util");
+(0, testing_utils_1.setupTests)(ava_1.default);
+(0, ava_1.default)("createStatusReportBase", async (t) => {
+    await (0, util_1.withTmpDir)(async (tmpDir) => {
+        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        process.env["CODEQL_ACTION_ANALYSIS_KEY"] = "analysis-key";
+        process.env["GITHUB_REF"] = "refs/heads/main";
+        process.env["GITHUB_REPOSITORY"] = "octocat/HelloWorld";
+        process.env["GITHUB_RUN_ATTEMPT"] = "2";
+        process.env["GITHUB_RUN_ID"] = "100";
+        process.env["GITHUB_SHA"] = "a".repeat(40);
+        process.env["RUNNER_OS"] = "macOS";
+        const getRequiredInput = sinon.stub(actionsUtil, "getRequiredInput");
+        getRequiredInput.withArgs("matrix").resolves("input/matrix");
+        const statusReport = await (0, status_report_1.createStatusReportBase)("init", "failure", new Date("May 19, 2023 05:19:00"), "failure cause", "exception stack trace");
+        t.assert(typeof statusReport.job_run_uuid === "string");
+        t.assert(statusReport.workflow_run_id === 100);
+        t.assert(statusReport.workflow_run_attempt === 2);
+        t.assert(statusReport.workflow_name === (process.env["GITHUB_WORKFLOW"] || ""));
+        t.assert(statusReport.job_name === (process.env["GITHUB_JOB"] || ""));
+        t.assert(statusReport.analysis_key === "analysis-key");
+        t.assert(statusReport.commit_oid === process.env["GITHUB_SHA"]);
+        t.assert(statusReport.ref === process.env["GITHUB_REF"]);
+        t.assert(statusReport.action_name === "init");
+        t.assert(statusReport.action_oid === "unknown");
+        t.assert(statusReport.started_at === process.env[environment_1.EnvVar.WORKFLOW_STARTED_AT]);
+        t.assert(statusReport.action_started_at ===
+            new Date("May 19, 2023 05:19:00").toISOString());
+        t.assert(statusReport.status === "failure");
+        t.assert(statusReport.cause === "failure cause");
+        t.assert(statusReport.exception === "exception stack trace");
+        t.assert(statusReport.runner_os === process.env["RUNNER_OS"]);
+        t.assert(typeof statusReport.action_version === "string");
+    });
+});
+//# sourceMappingURL=status-report.test.js.map

lib/status-report.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status-report.test.js","sourceRoot":"","sources":["../src/status-report.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,+CAAuC;AACvC,mDAAyD;AACzD,mDAA+D;AAC/D,iCAAoC;AAEpC,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACzC,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,cAAc,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,iBAAiB,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,oBAAoB,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,GAAG,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC;QAEnC,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACrE,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,MAAM,IAAA,sCAAsB,EAC/C,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,eAAe,EACf,uBAAuB,CACxB,CAAC;QAEF,CAAC,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC;QACxD,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,eAAe,KAAK,GAAG,CAAC,CAAC;QAC/C,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,oBAAoB,KAAK,CAAC,CAAC,CAAC;QAClD,CAAC,CAAC,MAAM,CACN,YAAY,CAAC,aAAa,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CACtE,CAAC;QACF,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACtE,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,KAAK,cAAc,CAAC,CAAC;QACvD,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,KAAK,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QAChE,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,KAAK,MAAM,CAAC,CAAC;QAC9C,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC;QAChD,CAAC,CAAC,MAAM,CACN,YAAY,CAAC,UAAU,KAAK,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,CACpE,CAAC;QACF,CAAC,CAAC,MAAM,CACN,YAAY,CAAC,iBAAiB;YAC5B,IAAI,IAAI,CAAC,uBAAuB,CAAC,CAAC,WAAW,EAAE,CAClD,CAAC;QACF,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;QAC5C,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,KAAK,eAAe,CAAC,CAAC;QACjD,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,KAAK,uBAAuB,CAAC,CAAC;QAC7D,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,KAAK,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;QAC9D,CAAC,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,cAAc,KAAK,QAAQ,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/upload-sarif-action.js

@@ -26,23 +26,23 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
 const actions_util_1 = require("./actions-util");
-const api_client_1 = require("./api-client");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
+const status_report_1 = require("./status-report");
 const upload_lib = __importStar(require("./upload-lib"));
 const util_1 = require("./util");
 async function sendSuccessStatusReport(startedAt, uploadStats) {
-    const statusReportBase = await (0, api_client_1.createStatusReportBase)("upload-sarif", "success", startedAt);
+    const statusReportBase = await (0, status_report_1.createStatusReportBase)("upload-sarif", "success", startedAt);
     const statusReport = {
         ...statusReportBase,
         ...uploadStats,
     };
-    await (0, api_client_1.sendStatusReport)(statusReport);
+    await (0, status_report_1.sendStatusReport)(statusReport);
 }
 async function run() {
     const startedAt = new Date();
     (0, util_1.initializeEnvironment)((0, actions_util_1.getActionVersion)());
-    if (!(await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("upload-sarif", "starting", startedAt)))) {
+    if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("upload-sarif", "starting", startedAt)))) {
         return;
     }
     try {
@@ -62,7 +62,7 @@ async function run() {
         const message = error.message;
         core.setFailed(message);
         console.log(error);
-        await (0, api_client_1.sendStatusReport)(await (0, api_client_1.createStatusReportBase)("upload-sarif", actionsUtil.getActionsStatus(error), startedAt, message, error.stack));
+        await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("upload-sarif", (0, status_report_1.getActionsStatus)(error), startedAt, message, error.stack));
         return;
     }
 }

lib/upload-sarif-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAAkD;AAClD,6CAAwE;AACxE,uCAA6C;AAC7C,6CAAkD;AAClD,yDAA2C;AAC3C,iCAKgB;AAMhB,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,IAAA,mCAAsB,EACnD,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,IAAA,6BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAC1C,IACE,CAAC,CAAC,MAAM,IAAA,6BAAgB,EACtB,MAAM,IAAA,mCAAsB,EAAC,cAAc,EAAE,UAAU,EAAE,SAAS,CAAC,CACpE,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,iBAAiB,CACrD,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,UAAU,CAAC,EACxC,IAAA,0BAAgB,GAAE,CACnB,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;QAEjD,qEAAqE;QACrE,IAAI,IAAA,mBAAY,GAAE,EAAE;YAClB,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;SACjE;aAAM,IAAI,WAAW,CAAC,gBAAgB,CAAC,qBAAqB,CAAC,KAAK,MAAM,EAAE;YACzE,MAAM,UAAU,CAAC,iBAAiB,CAChC,IAAA,+BAAkB,EAAC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,EAC5D,YAAY,CAAC,OAAO,EACpB,IAAA,0BAAgB,GAAE,CACnB,CAAC;SACH;QACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,YAAY,CAAC,YAAY,CAAC,CAAC;KACrE;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,IAAA,6BAAgB,EACpB,MAAM,IAAA,mCAAsB,EAC1B,cAAc,EACd,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,EACnC,SAAS,EACT,OAAO,EACP,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,sCAAsC,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CACjE,CAAC;KACH;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAAkD;AAClD,uCAA6C;AAC7C,6CAAkD;AAClD,mDAKyB;AACzB,yDAA2C;AAC3C,iCAKgB;AAMhB,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAC1C,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAAC,cAAc,EAAE,UAAU,EAAE,SAAS,CAAC,CACpE,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,iBAAiB,CACrD,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,UAAU,CAAC,EACxC,IAAA,0BAAgB,GAAE,CACnB,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;QAEjD,qEAAqE;QACrE,IAAI,IAAA,mBAAY,GAAE,EAAE;YAClB,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;SACjE;aAAM,IAAI,WAAW,CAAC,gBAAgB,CAAC,qBAAqB,CAAC,KAAK,MAAM,EAAE;YACzE,MAAM,UAAU,CAAC,iBAAiB,CAChC,IAAA,+BAAkB,EAAC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,EAC5D,YAAY,CAAC,OAAO,EACpB,IAAA,0BAAgB,GAAE,CACnB,CAAC;SACH;QACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,YAAY,CAAC,YAAY,CAAC,CAAC;KACrE;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,cAAc,EACd,IAAA,gCAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,OAAO,EACP,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,sCAAsC,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CACjE,CAAC;KACH;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

src/actions-util.test.ts

@@ -5,7 +5,7 @@ import test from "ava";
 import * as sinon from "sinon";
 
 import * as actionsUtil from "./actions-util";
-import { computeAutomationID, createStatusReportBase } from "./api-client";
+import { computeAutomationID } from "./api-client";
 import { EnvVar } from "./environment";
 import { setupActionsVars, setupTests } from "./testing-utils";
 import { initializeEnvironment, withTmpDir } from "./util";
@@ -267,53 +267,3 @@ test("isAnalyzingDefaultBranch()", async (t) => {
     getAdditionalInputStub.restore();
   });
 });
-
-test("createStatusReportBase", async (t) => {
-  await withTmpDir(async (tmpDir: string) => {
-    setupActionsVars(tmpDir, tmpDir);
-
-    process.env["GITHUB_REF"] = "refs/heads/main";
-    process.env["GITHUB_SHA"] = "a".repeat(40);
-    process.env["GITHUB_RUN_ID"] = "100";
-    process.env["GITHUB_RUN_ATTEMPT"] = "2";
-    process.env["GITHUB_REPOSITORY"] = "octocat/HelloWorld";
-    process.env["CODEQL_ACTION_ANALYSIS_KEY"] = "analysis-key";
-    process.env["RUNNER_OS"] = "macOS";
-
-    const getRequiredInput = sinon.stub(actionsUtil, "getRequiredInput");
-    getRequiredInput.withArgs("matrix").resolves("input/matrix");
-
-    const statusReport = await createStatusReportBase(
-      "init",
-      "failure",
-      new Date("May 19, 2023 05:19:00"),
-      "failure cause",
-      "exception stack trace",
-    );
-
-    t.assert(typeof statusReport.job_run_uuid === "string");
-    t.assert(statusReport.workflow_run_id === 100);
-    t.assert(statusReport.workflow_run_attempt === 2);
-    t.assert(
-      statusReport.workflow_name === (process.env["GITHUB_WORKFLOW"] || ""),
-    );
-    t.assert(statusReport.job_name === (process.env["GITHUB_JOB"] || ""));
-    t.assert(statusReport.analysis_key === "analysis-key");
-    t.assert(statusReport.commit_oid === process.env["GITHUB_SHA"]);
-    t.assert(statusReport.ref === process.env["GITHUB_REF"]);
-    t.assert(statusReport.action_name === "init");
-    t.assert(statusReport.action_oid === "unknown");
-    t.assert(
-      statusReport.started_at === process.env[EnvVar.WORKFLOW_STARTED_AT],
-    );
-    t.assert(
-      statusReport.action_started_at ===
-        new Date("May 19, 2023 05:19:00").toISOString(),
-    );
-    t.assert(statusReport.status === "failure");
-    t.assert(statusReport.cause === "failure cause");
-    t.assert(statusReport.exception === "exception stack trace");
-    t.assert(statusReport.runner_os === process.env["RUNNER_OS"]);
-    t.assert(typeof statusReport.action_version === "string");
-  });
-});

src/actions-util.ts

@@ -239,126 +239,6 @@ function getRefFromEnv(): string {
   return refEnv;
 }
 
-export type ActionName =
-  | "init"
-  | "autobuild"
-  | "finish"
-  | "upload-sarif"
-  | "init-post"
-  | "resolve-environment";
-export type ActionStatus =
-  | "starting"
-  | "aborted"
-  | "success"
-  | "failure"
-  | "user-error";
-
-// Any status report may include an array of EventReports associated with it.
-export interface EventReport {
-  /** An enumerable description of the event. */
-  event: string;
-  /** Time this event started. */
-  started_at: string;
-  /** Time this event ended. */
-  completed_at: string;
-  /** eg: `success`, `failure`, `timeout`, etc. */
-  exit_status?: string;
-  /** If the event is language-specific. */
-  language?: string;
-  /**
-   * A generic JSON blob of data related to this event.
-   * Use Object.assign() to append additional fields to the object.
-   */
-  properties?: object;
-}
-
-export interface StatusReportBase {
-  /**
-   * UUID representing the job run that this status report belongs to. We
-   * generate our own UUID here because Actions currently does not expose a
-   * unique job run identifier. This UUID will allow us to more easily match
-   * reports from different steps in the same workflow job.
-   *
-   * If and when Actions does expose a unique job ID, we plan to populate a
-   * separate int field, `job_run_id`, with the Actions-generated identifier,
-   * as it will allow us to more easily join our telemetry data with Actions
-   * telemetry tables.
-   */
-  job_run_uuid: string;
-  /** ID of the workflow run containing the action run. */
-  workflow_run_id: number;
-  /** Attempt number of the run containing the action run. */
-  workflow_run_attempt: number;
-  /** Workflow name. Converted to analysis_name further down the pipeline.. */
-  workflow_name: string;
-  /** Job name from the workflow. */
-  job_name: string;
-  /** Analysis key, normally composed from the workflow path and job name. */
-  analysis_key: string;
-  /** Value of the matrix for this instantiation of the job. */
-  matrix_vars?: string;
-  /** Commit oid that the workflow was triggered on. */
-  commit_oid: string;
-  /** Ref that the workflow was triggered on. */
-  ref: string;
-  /** Name of the action being executed. */
-  action_name: ActionName;
-  /** Version of the action being executed, as a ref. */
-  action_ref?: string;
-  /** Version of the action being executed, as a commit oid. */
-  action_oid: string;
-  /** Time the first action started. Normally the init action. */
-  started_at: string;
-  /** Time this action started. */
-  action_started_at: string;
-  /** Time this action completed, or undefined if not yet completed. */
-  completed_at?: string;
-  /** State this action is currently in. */
-  status: ActionStatus;
-  /**
-   * Testing environment: Set if non-production environment.
-   * The server accepts one of the following values:
-   *  `["", "qa-rc", "qa-rc-1", "qa-rc-2", "qa-experiment-1", "qa-experiment-2", "qa-experiment-3"]`.
-   */
-  testing_environment: string;
-  /**
-   * Information about the enablement of the ML-powered JS query pack.
-   *
-   * @see {@link util.getMlPoweredJsQueriesStatus}
-   */
-  ml_powered_javascript_queries?: string;
-  /** Cause of the failure (or undefined if status is not failure). */
-  cause?: string;
-  /** Stack trace of the failure (or undefined if status is not failure). */
-  exception?: string;
-  /** Action runner operating system (context runner.os). */
-  runner_os: string;
-  /** Action runner hardware architecture (context runner.arch). */
-  runner_arch?: string;
-  /** Action runner operating system release (x.y.z from os.release()). */
-  runner_os_release?: string;
-  /** Action version (x.y.z from package.json). */
-  action_version: string;
-  /** CodeQL CLI version (x.y.z from the CLI). */
-  codeql_version?: string;
-}
-
-export interface DatabaseCreationTimings {
-  scanned_language_extraction_duration_ms?: number;
-  trap_import_duration_ms?: number;
-}
-
-export function getActionsStatus(
-  error?: unknown,
-  otherFailureCause?: string,
-): ActionStatus {
-  if (error || otherFailureCause) {
-    return error instanceof UserError ? "user-error" : "failure";
-  } else {
-    return "success";
-  }
-}
-
 export function getActionVersion(): string {
   return pkg.version!;
 }

src/analyze-action-env.test.ts

@@ -5,6 +5,7 @@ import * as actionsUtil from "./actions-util";
 import * as analyze from "./analyze";
 import * as api from "./api-client";
 import * as configUtils from "./config-utils";
+import * as statusReport from "./status-report";
 import {
   setupTests,
   setupActionsVars,
@@ -27,9 +28,9 @@ test("analyze action with RAM & threads from environment variables", async (t) =
     process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
     process.env["GITHUB_API_URL"] = "https://api.github.com";
     sinon
-      .stub(api, "createStatusReportBase")
+      .stub(statusReport, "createStatusReportBase")
-      .resolves({} as actionsUtil.StatusReportBase);
+      .resolves({} as statusReport.StatusReportBase);
-    sinon.stub(api, "sendStatusReport").resolves(true);
+    sinon.stub(statusReport, "sendStatusReport").resolves(true);
     sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
 
     const gitHubVersion: util.GitHubVersion = {

src/analyze-action-input.test.ts

@@ -5,6 +5,7 @@ import * as actionsUtil from "./actions-util";
 import * as analyze from "./analyze";
 import * as api from "./api-client";
 import * as configUtils from "./config-utils";
+import * as statusReport from "./status-report";
 import {
   setupTests,
   setupActionsVars,
@@ -27,9 +28,9 @@ test("analyze action with RAM & threads from action inputs", async (t) => {
     process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
     process.env["GITHUB_API_URL"] = "https://api.github.com";
     sinon
-      .stub(api, "createStatusReportBase")
+      .stub(statusReport, "createStatusReportBase")
-      .resolves({} as actionsUtil.StatusReportBase);
+      .resolves({} as statusReport.StatusReportBase);
-    sinon.stub(api, "sendStatusReport").resolves(true);
+    sinon.stub(statusReport, "sendStatusReport").resolves(true);
     const gitHubVersion: util.GitHubVersion = {
       type: util.GitHubVariant.DOTCOM,
     };

src/analyze-action.ts

@@ -5,7 +5,6 @@ import { performance } from "perf_hooks";
 import * as core from "@actions/core";
 
 import * as actionsUtil from "./actions-util";
-import { DatabaseCreationTimings } from "./actions-util";
 import {
   CodeQLAnalysisError,
   dbIsFinalized,
@@ -15,7 +14,6 @@ import {
   runQueries,
 } from "./analyze";
 import { getApiDetails, getGitHubVersion } from "./api-client";
-import * as api from "./api-client";
 import { runAutobuild } from "./autobuild";
 import { getCodeQL } from "./codeql";
 import { Config, getConfig, getMlPoweredJsQueriesStatus } from "./config-utils";
@@ -25,6 +23,13 @@ import { Feature, Features } from "./feature-flags";
 import { Language } from "./languages";
 import { getActionsLogger, Logger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
+import * as statusReport from "./status-report";
+import {
+  createStatusReportBase,
+  DatabaseCreationTimings,
+  getActionsStatus,
+  StatusReportBase,
+} from "./status-report";
 import { getTotalCacheSize, uploadTrapCaches } from "./trap-caching";
 import * as uploadLib from "./upload-lib";
 import { UploadResult } from "./upload-lib";
@@ -36,8 +41,8 @@ interface AnalysisStatusReport
     QueriesStatusReport {}
 
 interface FinishStatusReport
-  extends actionsUtil.StatusReportBase,
+  extends StatusReportBase,
-    actionsUtil.DatabaseCreationTimings,
+    DatabaseCreationTimings,
     AnalysisStatusReport {}
 
 interface FinishWithTrapUploadStatusReport extends FinishStatusReport {
@@ -57,18 +62,15 @@ export async function sendStatusReport(
   didUploadTrapCaches: boolean,
   logger: Logger,
 ) {
-  const status = actionsUtil.getActionsStatus(
+  const status = getActionsStatus(error, stats?.analyze_failure_language);
-    error,
+  const statusReportBase = await createStatusReportBase(
-    stats?.analyze_failure_language,
-  );
-  const statusReportBase = await api.createStatusReportBase(
     "finish",
     status,
     startedAt,
     error?.message,
     error?.stack,
   );
-  const statusReport: FinishStatusReport = {
+  const report: FinishStatusReport = {
     ...statusReportBase,
     ...(config
       ? {
@@ -80,15 +82,15 @@ export async function sendStatusReport(
   };
   if (config && didUploadTrapCaches) {
     const trapCacheUploadStatusReport: FinishWithTrapUploadStatusReport = {
-      ...statusReport,
+      ...report,
       trap_cache_upload_duration_ms: Math.round(trapCacheUploadTime || 0),
       trap_cache_upload_size_bytes: Math.round(
         await getTotalCacheSize(config.trapCaches, logger),
       ),
     };
-    await api.sendStatusReport(trapCacheUploadStatusReport);
+    await statusReport.sendStatusReport(trapCacheUploadStatusReport);
   } else {
-    await api.sendStatusReport(statusReport);
+    await statusReport.sendStatusReport(report);
   }
 }
 
@@ -181,8 +183,8 @@ async function run() {
   const logger = getActionsLogger();
   try {
     if (
-      !(await api.sendStatusReport(
+      !(await statusReport.sendStatusReport(
-        await api.createStatusReportBase("finish", "starting", startedAt),
+        await createStatusReportBase("finish", "starting", startedAt),
       ))
     ) {
       return;

src/analyze.ts

@@ -6,7 +6,6 @@ import * as toolrunner from "@actions/exec/lib/toolrunner";
 import del from "del";
 import * as yaml from "js-yaml";
 
-import { DatabaseCreationTimings, EventReport } from "./actions-util";
 import * as analysisPaths from "./analysis-paths";
 import { CodeQL, getCodeQL } from "./codeql";
 import * as configUtils from "./config-utils";
@@ -18,6 +17,7 @@ import {
 } from "./feature-flags";
 import { isScannedLanguage, Language } from "./languages";
 import { Logger } from "./logging";
+import { DatabaseCreationTimings, EventReport } from "./status-report";
 import { endTracingForCluster } from "./tracer-config";
 import { validateSarifFileSchema } from "./upload-lib";
 import * as util from "./util";

src/api-client.ts

@@ -1,31 +1,14 @@
-import * as os from "os";
-
 import * as core from "@actions/core";
 import * as githubUtils from "@actions/github/lib/utils";
 import * as retry from "@octokit/plugin-retry";
 import consoleLogLevel from "console-log-level";
 
+import { getActionVersion, getRequiredInput } from "./actions-util";
 import {
-  ActionName,
-  ActionStatus,
-  StatusReportBase,
-  getActionVersion,
-  getOptionalInput,
-  getRef,
-  getRequiredInput,
-  getWorkflowEventName,
-  getWorkflowRunAttempt,
-  getWorkflowRunID,
-} from "./actions-util";
-import { EnvVar } from "./environment";
-import {
-  getCachedCodeQlVersion,
   getRequiredEnvParam,
   GITHUB_DOTCOM_URL,
   GitHubVariant,
   GitHubVersion,
-  isHTTPError,
-  isInTestMode,
   parseGitHubUrl,
   parseMatrixInput,
 } from "./util";
@@ -136,187 +119,6 @@ export async function getGitHubVersion(): Promise<GitHubVersion> {
   return cachedGitHubVersion;
 }
 
-/**
- * Compose a StatusReport.
- *
- * @param actionName The name of the action, e.g. 'init', 'finish', 'upload-sarif'
- * @param status The status. Must be 'success', 'failure', or 'starting'
- * @param startedAt The time this action started executing.
- * @param cause  Cause of failure (only supply if status is 'failure')
- * @param exception Exception (only supply if status is 'failure')
- */
-export async function createStatusReportBase(
-  actionName: ActionName,
-  status: ActionStatus,
-  actionStartedAt: Date,
-  cause?: string,
-  exception?: string,
-): Promise<StatusReportBase> {
-  const commitOid = getOptionalInput("sha") || process.env["GITHUB_SHA"] || "";
-  const ref = await getRef();
-  const jobRunUUID = process.env[EnvVar.JOB_RUN_UUID] || "";
-  const workflowRunID = getWorkflowRunID();
-  const workflowRunAttempt = getWorkflowRunAttempt();
-  const workflowName = process.env["GITHUB_WORKFLOW"] || "";
-  const jobName = process.env["GITHUB_JOB"] || "";
-  const analysis_key = await getAnalysisKey();
-  let workflowStartedAt = process.env[EnvVar.WORKFLOW_STARTED_AT];
-  if (workflowStartedAt === undefined) {
-    workflowStartedAt = actionStartedAt.toISOString();
-    core.exportVariable(EnvVar.WORKFLOW_STARTED_AT, workflowStartedAt);
-  }
-  const runnerOs = getRequiredEnvParam("RUNNER_OS");
-  const codeQlCliVersion = getCachedCodeQlVersion();
-  const actionRef = process.env["GITHUB_ACTION_REF"];
-  const testingEnvironment = process.env[EnvVar.TESTING_ENVIRONMENT] || "";
-  // re-export the testing environment variable so that it is available to subsequent steps,
-  // even if it was only set for this step
-  if (testingEnvironment !== "") {
-    core.exportVariable(EnvVar.TESTING_ENVIRONMENT, testingEnvironment);
-  }
-
-  const statusReport: StatusReportBase = {
-    job_run_uuid: jobRunUUID,
-    workflow_run_id: workflowRunID,
-    workflow_run_attempt: workflowRunAttempt,
-    workflow_name: workflowName,
-    job_name: jobName,
-    analysis_key,
-    commit_oid: commitOid,
-    ref,
-    action_name: actionName,
-    action_ref: actionRef,
-    action_oid: "unknown", // TODO decide if it's possible to fill this in
-    started_at: workflowStartedAt,
-    action_started_at: actionStartedAt.toISOString(),
-    status,
-    testing_environment: testingEnvironment,
-    runner_os: runnerOs,
-    action_version: getActionVersion(),
-  };
-
-  // Add optional parameters
-  if (cause) {
-    statusReport.cause = cause;
-  }
-  if (exception) {
-    statusReport.exception = exception;
-  }
-  if (
-    status === "success" ||
-    status === "failure" ||
-    status === "aborted" ||
-    status === "user-error"
-  ) {
-    statusReport.completed_at = new Date().toISOString();
-  }
-  const matrix = getRequiredInput("matrix");
-  if (matrix) {
-    statusReport.matrix_vars = matrix;
-  }
-  if ("RUNNER_ARCH" in process.env) {
-    // RUNNER_ARCH is available only in GHES 3.4 and later
-    // Values other than X86, X64, ARM, or ARM64 are discarded server side
-    statusReport.runner_arch = process.env["RUNNER_ARCH"];
-  }
-  if (runnerOs === "Windows" || runnerOs === "macOS") {
-    statusReport.runner_os_release = os.release();
-  }
-  if (codeQlCliVersion !== undefined) {
-    statusReport.codeql_version = codeQlCliVersion;
-  }
-
-  return statusReport;
-}
-
-const GENERIC_403_MSG =
-  "The repo on which this action is running is not opted-in to CodeQL code scanning.";
-const GENERIC_404_MSG =
-  "Not authorized to use the CodeQL code scanning feature on this repo.";
-const OUT_OF_DATE_MSG =
-  "CodeQL Action is out-of-date. Please upgrade to the latest version of codeql-action.";
-const INCOMPATIBLE_MSG =
-  "CodeQL Action version is incompatible with the code scanning endpoint. Please update to a compatible version of codeql-action.";
-
-/**
- * Send a status report to the code_scanning/analysis/status endpoint.
- *
- * Optionally checks the response from the API endpoint and sets the action
- * as failed if the status report failed. This is only expected to be used
- * when sending a 'starting' report.
- *
- * Returns whether sending the status report was successful of not.
- */
-export async function sendStatusReport<S extends StatusReportBase>(
-  statusReport: S,
-): Promise<boolean> {
-  const statusReportJSON = JSON.stringify(statusReport);
-  core.debug(`Sending status report: ${statusReportJSON}`);
-  // If in test mode we don't want to upload the results
-  if (isInTestMode()) {
-    core.debug("In test mode. Status reports are not uploaded.");
-    return true;
-  }
-
-  const nwo = getRequiredEnvParam("GITHUB_REPOSITORY");
-  const [owner, repo] = nwo.split("/");
-  const client = getApiClient();
-
-  try {
-    await client.request(
-      "PUT /repos/:owner/:repo/code-scanning/analysis/status",
-      {
-        owner,
-        repo,
-        data: statusReportJSON,
-      },
-    );
-
-    return true;
-  } catch (e) {
-    console.log(e);
-    if (isHTTPError(e)) {
-      switch (e.status) {
-        case 403:
-          if (
-            getWorkflowEventName() === "push" &&
-            process.env["GITHUB_ACTOR"] === "dependabot[bot]"
-          ) {
-            core.setFailed(
-              'Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
-                "Uploading Code Scanning results requires write access. " +
-                'To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. ' +
-                "See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.",
-            );
-          } else {
-            core.setFailed(e.message || GENERIC_403_MSG);
-          }
-          return false;
-        case 404:
-          core.setFailed(GENERIC_404_MSG);
-          return false;
-        case 422:
-          // schema incompatibility when reporting status
-          // this means that this action version is no longer compatible with the API
-          // we still want to continue as it is likely the analysis endpoint will work
-          if (getRequiredEnvParam("GITHUB_SERVER_URL") !== GITHUB_DOTCOM_URL) {
-            core.debug(INCOMPATIBLE_MSG);
-          } else {
-            core.debug(OUT_OF_DATE_MSG);
-          }
-          return true;
-      }
-    }
-
-    // something else has gone wrong and the request/response will be logged by octokit
-    // it's possible this is a transient error and we should continue scanning
-    core.error(
-      "An unexpected error occurred when sending code scanning status report.",
-    );
-    return true;
-  }
-}
-
 /**
  * Get the path of the currently executing workflow relative to the repository root.
  */

src/autobuild-action.ts

@@ -1,22 +1,22 @@
 import * as core from "@actions/core";
 
 import {
-  getActionsStatus,
   getActionVersion,
   getOptionalInput,
   getTemporaryDirectory,
-  StatusReportBase,
 } from "./actions-util";
-import {
+import { getGitHubVersion } from "./api-client";
-  createStatusReportBase,
-  getGitHubVersion,
-  sendStatusReport,
-} from "./api-client";
 import { determineAutobuildLanguages, runAutobuild } from "./autobuild";
 import * as configUtils from "./config-utils";
 import { EnvVar } from "./environment";
 import { Language } from "./languages";
 import { getActionsLogger } from "./logging";
+import {
+  StatusReportBase,
+  getActionsStatus,
+  createStatusReportBase,
+  sendStatusReport,
+} from "./status-report";
 import {
   checkGitHubVersionInRange,
   initializeEnvironment,

src/init-action-post.ts

@@ -6,22 +6,19 @@
 
 import * as core from "@actions/core";
 
-import {
+import { getTemporaryDirectory, printDebugLogs } from "./actions-util";
-  getActionsStatus,
+import { getGitHubVersion } from "./api-client";
-  getTemporaryDirectory,
-  printDebugLogs,
-  StatusReportBase,
-} from "./actions-util";
-import {
-  createStatusReportBase,
-  getGitHubVersion,
-  sendStatusReport,
-} from "./api-client";
 import * as debugArtifacts from "./debug-artifacts";
 import { Features } from "./feature-flags";
 import * as initActionPostHelper from "./init-action-post-helper";
 import { getActionsLogger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
+import {
+  StatusReportBase,
+  sendStatusReport,
+  createStatusReportBase,
+  getActionsStatus,
+} from "./status-report";
 import {
   checkGitHubVersionInRange,
   getRequiredEnvParam,

src/init-action.ts

@@ -4,18 +4,12 @@ import * as core from "@actions/core";
 import { v4 as uuidV4 } from "uuid";
 
 import {
-  getActionsStatus,
   getActionVersion,
   getOptionalInput,
   getRequiredInput,
   getTemporaryDirectory,
-  StatusReportBase,
 } from "./actions-util";
-import {
+import { getGitHubVersion } from "./api-client";
-  createStatusReportBase,
-  getGitHubVersion,
-  sendStatusReport,
-} from "./api-client";
 import { CodeQL } from "./codeql";
 import * as configUtils from "./config-utils";
 import { getMlPoweredJsQueriesStatus } from "./config-utils";
@@ -26,6 +20,12 @@ import { Language } from "./languages";
 import { getActionsLogger, Logger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
 import { ToolsSource } from "./setup-codeql";
+import {
+  StatusReportBase,
+  createStatusReportBase,
+  getActionsStatus,
+  sendStatusReport,
+} from "./status-report";
 import { getTotalCacheSize } from "./trap-caching";
 import {
   checkForTimeout,

src/resolve-environment-action.ts

@@ -1,21 +1,21 @@
 import * as core from "@actions/core";
 
 import {
-  getActionsStatus,
   getOptionalInput,
   getRequiredInput,
   getTemporaryDirectory,
 } from "./actions-util";
-import {
+import { getGitHubVersion } from "./api-client";
-  createStatusReportBase,
-  getGitHubVersion,
-  sendStatusReport,
-} from "./api-client";
 import { CommandInvocationError } from "./codeql";
 import * as configUtils from "./config-utils";
 import { Language, resolveAlias } from "./languages";
 import { getActionsLogger } from "./logging";
 import { runResolveBuildEnvironment } from "./resolve-environment";
+import {
+  sendStatusReport,
+  createStatusReportBase,
+  getActionsStatus,
+} from "./status-report";
 import { checkForTimeout, checkGitHubVersionInRange, wrapError } from "./util";
 
 const ACTION_NAME = "resolve-environment";

src/status-report.test.ts

@@ -0,0 +1,60 @@
+import test from "ava";
+import * as sinon from "sinon";
+
+import * as actionsUtil from "./actions-util";
+import { EnvVar } from "./environment";
+import { createStatusReportBase } from "./status-report";
+import { setupTests, setupActionsVars } from "./testing-utils";
+import { withTmpDir } from "./util";
+
+setupTests(test);
+
+test("createStatusReportBase", async (t) => {
+  await withTmpDir(async (tmpDir: string) => {
+    setupActionsVars(tmpDir, tmpDir);
+
+    process.env["CODEQL_ACTION_ANALYSIS_KEY"] = "analysis-key";
+    process.env["GITHUB_REF"] = "refs/heads/main";
+    process.env["GITHUB_REPOSITORY"] = "octocat/HelloWorld";
+    process.env["GITHUB_RUN_ATTEMPT"] = "2";
+    process.env["GITHUB_RUN_ID"] = "100";
+    process.env["GITHUB_SHA"] = "a".repeat(40);
+    process.env["RUNNER_OS"] = "macOS";
+
+    const getRequiredInput = sinon.stub(actionsUtil, "getRequiredInput");
+    getRequiredInput.withArgs("matrix").resolves("input/matrix");
+
+    const statusReport = await createStatusReportBase(
+      "init",
+      "failure",
+      new Date("May 19, 2023 05:19:00"),
+      "failure cause",
+      "exception stack trace",
+    );
+
+    t.assert(typeof statusReport.job_run_uuid === "string");
+    t.assert(statusReport.workflow_run_id === 100);
+    t.assert(statusReport.workflow_run_attempt === 2);
+    t.assert(
+      statusReport.workflow_name === (process.env["GITHUB_WORKFLOW"] || ""),
+    );
+    t.assert(statusReport.job_name === (process.env["GITHUB_JOB"] || ""));
+    t.assert(statusReport.analysis_key === "analysis-key");
+    t.assert(statusReport.commit_oid === process.env["GITHUB_SHA"]);
+    t.assert(statusReport.ref === process.env["GITHUB_REF"]);
+    t.assert(statusReport.action_name === "init");
+    t.assert(statusReport.action_oid === "unknown");
+    t.assert(
+      statusReport.started_at === process.env[EnvVar.WORKFLOW_STARTED_AT],
+    );
+    t.assert(
+      statusReport.action_started_at ===
+        new Date("May 19, 2023 05:19:00").toISOString(),
+    );
+    t.assert(statusReport.status === "failure");
+    t.assert(statusReport.cause === "failure cause");
+    t.assert(statusReport.exception === "exception stack trace");
+    t.assert(statusReport.runner_os === process.env["RUNNER_OS"]);
+    t.assert(typeof statusReport.action_version === "string");
+  });
+});

src/status-report.ts

@@ -0,0 +1,324 @@
+import * as os from "os";
+
+import * as core from "@actions/core";
+
+import {
+  getWorkflowEventName,
+  getOptionalInput,
+  getRef,
+  getWorkflowRunID,
+  getWorkflowRunAttempt,
+  getActionVersion,
+  getRequiredInput,
+} from "./actions-util";
+import { getAnalysisKey, getApiClient } from "./api-client";
+import { EnvVar } from "./environment";
+import {
+  UserError,
+  isHTTPError,
+  getRequiredEnvParam,
+  getCachedCodeQlVersion,
+  isInTestMode,
+  GITHUB_DOTCOM_URL,
+} from "./util";
+
+export type ActionName =
+  | "init"
+  | "autobuild"
+  | "finish"
+  | "upload-sarif"
+  | "init-post"
+  | "resolve-environment";
+export type ActionStatus =
+  | "starting"
+  | "aborted"
+  | "success"
+  | "failure"
+  | "user-error";
+
+export interface StatusReportBase {
+  /**
+   * UUID representing the job run that this status report belongs to. We
+   * generate our own UUID here because Actions currently does not expose a
+   * unique job run identifier. This UUID will allow us to more easily match
+   * reports from different steps in the same workflow job.
+   *
+   * If and when Actions does expose a unique job ID, we plan to populate a
+   * separate int field, `job_run_id`, with the Actions-generated identifier,
+   * as it will allow us to more easily join our telemetry data with Actions
+   * telemetry tables.
+   */
+  job_run_uuid: string;
+  /** ID of the workflow run containing the action run. */
+  workflow_run_id: number;
+  /** Attempt number of the run containing the action run. */
+  workflow_run_attempt: number;
+  /** Workflow name. Converted to analysis_name further down the pipeline.. */
+  workflow_name: string;
+  /** Job name from the workflow. */
+  job_name: string;
+  /** Analysis key, normally composed from the workflow path and job name. */
+  analysis_key: string;
+  /** Value of the matrix for this instantiation of the job. */
+  matrix_vars?: string;
+  /** Commit oid that the workflow was triggered on. */
+  commit_oid: string;
+  /** Ref that the workflow was triggered on. */
+  ref: string;
+  /** Name of the action being executed. */
+  action_name: ActionName;
+  /** Version of the action being executed, as a ref. */
+  action_ref?: string;
+  /** Version of the action being executed, as a commit oid. */
+  action_oid: string;
+  /** Time the first action started. Normally the init action. */
+  started_at: string;
+  /** Time this action started. */
+  action_started_at: string;
+  /** Time this action completed, or undefined if not yet completed. */
+  completed_at?: string;
+  /** State this action is currently in. */
+  status: ActionStatus;
+  /**
+   * Testing environment: Set if non-production environment.
+   * The server accepts one of the following values:
+   *  `["", "qa-rc", "qa-rc-1", "qa-rc-2", "qa-experiment-1", "qa-experiment-2", "qa-experiment-3"]`.
+   */
+  testing_environment: string;
+  /**
+   * Information about the enablement of the ML-powered JS query pack.
+   *
+   * @see {@link util.getMlPoweredJsQueriesStatus}
+   */
+  ml_powered_javascript_queries?: string;
+  /** Cause of the failure (or undefined if status is not failure). */
+  cause?: string;
+  /** Stack trace of the failure (or undefined if status is not failure). */
+  exception?: string;
+  /** Action runner operating system (context runner.os). */
+  runner_os: string;
+  /** Action runner hardware architecture (context runner.arch). */
+  runner_arch?: string;
+  /** Action runner operating system release (x.y.z from os.release()). */
+  runner_os_release?: string;
+  /** Action version (x.y.z from package.json). */
+  action_version: string;
+  /** CodeQL CLI version (x.y.z from the CLI). */
+  codeql_version?: string;
+}
+
+export interface DatabaseCreationTimings {
+  scanned_language_extraction_duration_ms?: number;
+  trap_import_duration_ms?: number;
+}
+
+export function getActionsStatus(
+  error?: unknown,
+  otherFailureCause?: string,
+): ActionStatus {
+  if (error || otherFailureCause) {
+    return error instanceof UserError ? "user-error" : "failure";
+  } else {
+    return "success";
+  }
+}
+
+// Any status report may include an array of EventReports associated with it.
+export interface EventReport {
+  /** An enumerable description of the event. */
+  event: string;
+  /** Time this event started. */
+  started_at: string;
+  /** Time this event ended. */
+  completed_at: string;
+  /** eg: `success`, `failure`, `timeout`, etc. */
+  exit_status?: string;
+  /** If the event is language-specific. */
+  language?: string;
+  /**
+   * A generic JSON blob of data related to this event.
+   * Use Object.assign() to append additional fields to the object.
+   */
+  properties?: object;
+}
+
+/**
+ * Compose a StatusReport.
+ *
+ * @param actionName The name of the action, e.g. 'init', 'finish', 'upload-sarif'
+ * @param status The status. Must be 'success', 'failure', or 'starting'
+ * @param startedAt The time this action started executing.
+ * @param cause  Cause of failure (only supply if status is 'failure')
+ * @param exception Exception (only supply if status is 'failure')
+ */
+export async function createStatusReportBase(
+  actionName: ActionName,
+  status: ActionStatus,
+  actionStartedAt: Date,
+  cause?: string,
+  exception?: string,
+): Promise<StatusReportBase> {
+  const commitOid = getOptionalInput("sha") || process.env["GITHUB_SHA"] || "";
+  const ref = await getRef();
+  const jobRunUUID = process.env[EnvVar.JOB_RUN_UUID] || "";
+  const workflowRunID = getWorkflowRunID();
+  const workflowRunAttempt = getWorkflowRunAttempt();
+  const workflowName = process.env["GITHUB_WORKFLOW"] || "";
+  const jobName = process.env["GITHUB_JOB"] || "";
+  const analysis_key = await getAnalysisKey();
+  let workflowStartedAt = process.env[EnvVar.WORKFLOW_STARTED_AT];
+  if (workflowStartedAt === undefined) {
+    workflowStartedAt = actionStartedAt.toISOString();
+    core.exportVariable(EnvVar.WORKFLOW_STARTED_AT, workflowStartedAt);
+  }
+  const runnerOs = getRequiredEnvParam("RUNNER_OS");
+  const codeQlCliVersion = getCachedCodeQlVersion();
+  const actionRef = process.env["GITHUB_ACTION_REF"];
+  const testingEnvironment = process.env[EnvVar.TESTING_ENVIRONMENT] || "";
+  // re-export the testing environment variable so that it is available to subsequent steps,
+  // even if it was only set for this step
+  if (testingEnvironment !== "") {
+    core.exportVariable(EnvVar.TESTING_ENVIRONMENT, testingEnvironment);
+  }
+
+  const statusReport: StatusReportBase = {
+    job_run_uuid: jobRunUUID,
+    workflow_run_id: workflowRunID,
+    workflow_run_attempt: workflowRunAttempt,
+    workflow_name: workflowName,
+    job_name: jobName,
+    analysis_key,
+    commit_oid: commitOid,
+    ref,
+    action_name: actionName,
+    action_ref: actionRef,
+    action_oid: "unknown", // TODO decide if it's possible to fill this in
+    started_at: workflowStartedAt,
+    action_started_at: actionStartedAt.toISOString(),
+    status,
+    testing_environment: testingEnvironment,
+    runner_os: runnerOs,
+    action_version: getActionVersion(),
+  };
+
+  // Add optional parameters
+  if (cause) {
+    statusReport.cause = cause;
+  }
+  if (exception) {
+    statusReport.exception = exception;
+  }
+  if (
+    status === "success" ||
+    status === "failure" ||
+    status === "aborted" ||
+    status === "user-error"
+  ) {
+    statusReport.completed_at = new Date().toISOString();
+  }
+  const matrix = getRequiredInput("matrix");
+  if (matrix) {
+    statusReport.matrix_vars = matrix;
+  }
+  if ("RUNNER_ARCH" in process.env) {
+    // RUNNER_ARCH is available only in GHES 3.4 and later
+    // Values other than X86, X64, ARM, or ARM64 are discarded server side
+    statusReport.runner_arch = process.env["RUNNER_ARCH"];
+  }
+  if (runnerOs === "Windows" || runnerOs === "macOS") {
+    statusReport.runner_os_release = os.release();
+  }
+  if (codeQlCliVersion !== undefined) {
+    statusReport.codeql_version = codeQlCliVersion;
+  }
+
+  return statusReport;
+}
+
+const GENERIC_403_MSG =
+  "The repo on which this action is running is not opted-in to CodeQL code scanning.";
+const GENERIC_404_MSG =
+  "Not authorized to use the CodeQL code scanning feature on this repo.";
+const OUT_OF_DATE_MSG =
+  "CodeQL Action is out-of-date. Please upgrade to the latest version of codeql-action.";
+const INCOMPATIBLE_MSG =
+  "CodeQL Action version is incompatible with the code scanning endpoint. Please update to a compatible version of codeql-action.";
+
+/**
+ * Send a status report to the code_scanning/analysis/status endpoint.
+ *
+ * Optionally checks the response from the API endpoint and sets the action
+ * as failed if the status report failed. This is only expected to be used
+ * when sending a 'starting' report.
+ *
+ * Returns whether sending the status report was successful of not.
+ */
+export async function sendStatusReport<S extends StatusReportBase>(
+  statusReport: S,
+): Promise<boolean> {
+  const statusReportJSON = JSON.stringify(statusReport);
+  core.debug(`Sending status report: ${statusReportJSON}`);
+  // If in test mode we don't want to upload the results
+  if (isInTestMode()) {
+    core.debug("In test mode. Status reports are not uploaded.");
+    return true;
+  }
+
+  const nwo = getRequiredEnvParam("GITHUB_REPOSITORY");
+  const [owner, repo] = nwo.split("/");
+  const client = getApiClient();
+
+  try {
+    await client.request(
+      "PUT /repos/:owner/:repo/code-scanning/analysis/status",
+      {
+        owner,
+        repo,
+        data: statusReportJSON,
+      },
+    );
+
+    return true;
+  } catch (e) {
+    console.log(e);
+    if (isHTTPError(e)) {
+      switch (e.status) {
+        case 403:
+          if (
+            getWorkflowEventName() === "push" &&
+            process.env["GITHUB_ACTOR"] === "dependabot[bot]"
+          ) {
+            core.setFailed(
+              'Workflows triggered by Dependabot on the "push" event run with read-only access. ' +
+                "Uploading Code Scanning results requires write access. " +
+                'To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. ' +
+                "See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.",
+            );
+          } else {
+            core.setFailed(e.message || GENERIC_403_MSG);
+          }
+          return false;
+        case 404:
+          core.setFailed(GENERIC_404_MSG);
+          return false;
+        case 422:
+          // schema incompatibility when reporting status
+          // this means that this action version is no longer compatible with the API
+          // we still want to continue as it is likely the analysis endpoint will work
+          if (getRequiredEnvParam("GITHUB_SERVER_URL") !== GITHUB_DOTCOM_URL) {
+            core.debug(INCOMPATIBLE_MSG);
+          } else {
+            core.debug(OUT_OF_DATE_MSG);
+          }
+          return true;
+      }
+    }
+
+    // something else has gone wrong and the request/response will be logged by octokit
+    // it's possible this is a transient error and we should continue scanning
+    core.error(
+      "An unexpected error occurred when sending code scanning status report.",
+    );
+    return true;
+  }
+}

src/upload-sarif-action.ts

@@ -2,9 +2,14 @@ import * as core from "@actions/core";
 
 import * as actionsUtil from "./actions-util";
 import { getActionVersion } from "./actions-util";
-import { createStatusReportBase, sendStatusReport } from "./api-client";
 import { getActionsLogger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
+import {
+  createStatusReportBase,
+  sendStatusReport,
+  StatusReportBase,
+  getActionsStatus,
+} from "./status-report";
 import * as upload_lib from "./upload-lib";
 import {
   getRequiredEnvParam,
@@ -14,7 +19,7 @@ import {
 } from "./util";
 
 interface UploadSarifStatusReport
-  extends actionsUtil.StatusReportBase,
+  extends StatusReportBase,
     upload_lib.UploadStatusReport {}
 
 async function sendSuccessStatusReport(
@@ -72,7 +77,7 @@ async function run() {
     await sendStatusReport(
       await createStatusReportBase(
         "upload-sarif",
-        actionsUtil.getActionsStatus(error),
+        getActionsStatus(error),
         startedAt,
         message,
         error.stack,