Prevent queries in workflow overriding default queries
https://github.com/github/codeql-action/pull/127#pullrequestreview-463207781
This commit is contained in:
Sam Partington
parent
517d9fad41
commit
c6f02973ac
6 changed files with 68 additions and 82 deletions
|
|
@ -478,6 +478,13 @@ export async function getDefaultConfig(): Promise<Config> {
|
|||
const languages = await getLanguages();
|
||||
const queries = {};
|
||||
await addDefaultQueries(languages, queries);
|
||||
const queryUses = core.getInput('queries');
|
||||
if (queryUses) {
|
||||
queryUses.split(',').forEach(async query => {
|
||||
await parseQueryUses('', languages, queries, query);
|
||||
});
|
||||
}
|
||||
|
||||
return {
|
||||
languages: languages,
|
||||
queries: queries,
|
||||
|
|
@ -536,7 +543,14 @@ async function loadConfig(configFile: string): Promise<Config> {
|
|||
await addDefaultQueries(languages, queries);
|
||||
}
|
||||
|
||||
if (QUERIES_PROPERTY in parsedYAML) {
|
||||
// If queries were provided using `with` in the action configuration,
|
||||
// they should take precedence over the queries in the config file
|
||||
const queryUses = core.getInput('queries');
|
||||
if (queryUses) {
|
||||
queryUses.split(',').forEach(async query => {
|
||||
await parseQueryUses(configFile, languages, queries, query);
|
||||
});
|
||||
} else if (QUERIES_PROPERTY in parsedYAML) {
|
||||
if (!(parsedYAML[QUERIES_PROPERTY] instanceof Array)) {
|
||||
throw new Error(getQueriesInvalid(configFile));
|
||||
}
|
||||
|
|
@ -599,13 +613,6 @@ export async function initConfig(): Promise<Config> {
|
|||
config = await loadConfig(configFile);
|
||||
}
|
||||
|
||||
// If queries were provided using `with` in the action configuration,
|
||||
// they should take precedence over the queries in the config file
|
||||
const queryUses = core.getInput('queries');
|
||||
if (queryUses) {
|
||||
config = await updateConfigWithQueries(config, queryUses, configFile);
|
||||
}
|
||||
|
||||
// Save the config so we can easily access it again in the future
|
||||
await saveConfig(config);
|
||||
return config;
|
||||
|
|
@ -620,23 +627,6 @@ function isLocal(configPath: string): boolean {
|
|||
return (configPath.indexOf("@") === -1);
|
||||
}
|
||||
|
||||
async function updateConfigWithQueries(config: Config, queryUses: string, configPath: string): Promise<Config> {
|
||||
if (isLocal(configPath)) {
|
||||
// Treat the config file as relative to the workspace
|
||||
const workspacePath = util.getRequiredEnvParam('GITHUB_WORKSPACE');
|
||||
configPath = path.resolve(workspacePath, configPath);
|
||||
}
|
||||
|
||||
const languages = await getLanguages();
|
||||
const queries = {};
|
||||
queryUses.split(',').forEach(async query => {
|
||||
await parseQueryUses(configPath, languages, queries, query);
|
||||
});
|
||||
config.queries = queries;
|
||||
|
||||
return config;
|
||||
}
|
||||
|
||||
function getLocalConfig(configFile: string, workspacePath: string): UserConfig {
|
||||
// Error if the config file is now outside of the workspace
|
||||
if (!(configFile + path.sep).startsWith(workspacePath + path.sep)) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue