robojerk/codeql-action

Add function to read the analysis category from a workflow

Browse source
This commit is contained in:
Henry Mercer 2022-11-22 18:15:28 +00:00
parent 996d04b1e5
commit e2d523ca5e
6 changed files with 227 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

31
lib/workflow.js generated
View file

@ -19,7 +19,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.getWorkflowRunID = exports.getWorkflowPath = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = void 0;
exports.getCategoryInput = exports.getAnalyzeSteps = exports.getWorkflowRunID = exports.getWorkflowPath = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = void 0;
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const core = __importStar(require("@actions/core"));
@ -246,4 +246,33 @@ function getWorkflowRunID() {
return workflowRunID;
}
exports.getWorkflowRunID = getWorkflowRunID;
function getAnalyzeSteps(job) {
const steps = job.steps;
if (!Array.isArray(steps)) {
throw new Error("Could not get analyze steps since job.steps was not an array.");
}
return steps.filter((step) => { var _a; return (_a = step.uses) === null || _a === void 0 ? void 0 : _a.includes("github/codeql-action/analyze"); });
}
exports.getAnalyzeSteps = getAnalyzeSteps;
function getCategoryInput(workflow) {
if (!workflow.jobs) {
throw new Error("Could not get category input since workflow.jobs was undefined.");
}
const categories = Object.values(workflow.jobs)
.map((job) => getAnalyzeSteps(job).map((step) => { var _a; return (_a = step.with) === null || _a === void 0 ? void 0 : _a.category; }))
.flat()
.filter((category) => category !== undefined)
.map((category) => category);
if (categories.length === 0) {
return undefined;
}
if (!categories.every((category) => category === categories[0])) {
throw new Error("Could not get category input since multiple categories were specified by the analysis step.");
}
if (categories[0].includes("${{")) {
throw new Error("Could not get category input since it contained a dynamic value.");
}
return categories[0];
}
exports.getCategoryInput = getCategoryInput;
//# sourceMappingURL=workflow.js.map

2
lib/workflow.js.map
View file

File diff suppressed because one or more lines are too long

62
lib/workflow.test.js generated
View file

@ -355,4 +355,66 @@ function errorCodes(actual, expected) {
on: ["push"]
`)), []));
});
(0, ava_1.default)("getCategoryInput returns category for simple workflow with category", (t) => {
t.is((0, workflow_1.getCategoryInput)(yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
with:
category: some-category
`)), "some-category");
});
(0, ava_1.default)("getCategoryInput returns undefined for simple workflow without category", (t) => {
t.is((0, workflow_1.getCategoryInput)(yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
`)), undefined);
});
(0, ava_1.default)("getCategoryInput throws error for workflow with dynamic category", (t) => {
t.throws(() => (0, workflow_1.getCategoryInput)(yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
strategy:
matrix:
language: [javascript, python]
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
with:
language: \${{ matrix.language }}
- uses: github/codeql-action/analyze@v2
with:
category: "/language:\${{ matrix.language }}"
`)), {
message: "Could not get category input since it contained a dynamic value.",
});
});
(0, ava_1.default)("getCategoryInput throws error for workflow with multiple categories", (t) => {
t.throws(() => (0, workflow_1.getCategoryInput)(yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
with:
category: some-category
- uses: github/codeql-action/analyze@v2
with:
category: another-category
`)), {
message: "Could not get category input since multiple categories were specified by the analysis step.",
});
});
//# sourceMappingURL=workflow.test.js.map

2
lib/workflow.test.js.map
View file

File diff suppressed because one or more lines are too long

91
src/workflow.test.ts
View file

@ -6,6 +6,7 @@ import {
CodedError,
formatWorkflowCause,
formatWorkflowErrors,
getCategoryInput,
getWorkflowErrors,
patternIsSuperset,
Workflow,
@ -522,3 +523,93 @@ test("getWorkflowErrors() should not report an error if PRs are totally unconfig
)
);
});
test("getCategoryInput returns category for simple workflow with category", (t) => {
t.is(
getCategoryInput(
yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
with:
category: some-category
`) as Workflow
),
"some-category"
);
});
test("getCategoryInput returns undefined for simple workflow without category", (t) => {
t.is(
getCategoryInput(
yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
`) as Workflow
),
undefined
);
});
test("getCategoryInput throws error for workflow with dynamic category", (t) => {
t.throws(
() =>
getCategoryInput(
yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
strategy:
matrix:
language: [javascript, python]
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
with:
language: \${{ matrix.language }}
- uses: github/codeql-action/analyze@v2
with:
category: "/language:\${{ matrix.language }}"
`) as Workflow
),
{
message:
"Could not get category input since it contained a dynamic value.",
}
);
});
test("getCategoryInput throws error for workflow with multiple categories", (t) => {
t.throws(
() =>
getCategoryInput(
yaml.load(`
jobs:
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v2
with:
category: some-category
- uses: github/codeql-action/analyze@v2
with:
category: another-category
`) as Workflow
),
{
message:
"Could not get category input since multiple categories were specified by the analysis step.",
}
);
});

42
src/workflow.ts
View file

@ -9,6 +9,8 @@ import { getRequiredEnvParam } from "./util";
interface WorkflowJobStep {
run: any;
uses?: string;
with?: { [key: string]: string };
}
interface WorkflowJob {
@ -290,3 +292,43 @@ export function getWorkflowRunID(): number {
}
return workflowRunID;
}
export function getAnalyzeSteps(job: WorkflowJob): WorkflowJobStep[] {
const steps = job.steps;
if (!Array.isArray(steps)) {
throw new Error(
"Could not get analyze steps since job.steps was not an array."
);
}
return steps.filter((step) =>
step.uses?.includes("github/codeql-action/analyze")
);
}
export function getCategoryInput(workflow: Workflow): string | undefined {
if (!workflow.jobs) {
throw new Error(
"Could not get category input since workflow.jobs was undefined."
);
}
const categories: string[] = Object.values(workflow.jobs)
.map((job) => getAnalyzeSteps(job).map((step) => step.with?.category))
.flat()
.filter((category) => category !== undefined)
.map((category) => category!);
if (categories.length === 0) {
return undefined;
}
if (!categories.every((category) => category === categories[0])) {
throw new Error(
"Could not get category input since multiple categories were specified by the analysis step."
);
}
if (categories[0].includes("${{")) {
throw new Error(
"Could not get category input since it contained a dynamic value."
);
}
return categories[0];
}