ensure only the upload-sarif action can submit a status report with first_party_analysis=false
parent
a7dc229496
commit
f32f0bf8e4
9 changed files with 77 additions and 23 deletions
8
lib/actions-util.js
generated
8
lib/actions-util.js
generated
|
|
@ -242,9 +242,13 @@ exports.getActionVersion = getActionVersion;
|
|||
*
|
||||
* This is based on whether the init action has been used, which is only used for first party analysis.
|
||||
* When a SARIF file has been generated by other means and submitted using the upload action, this is
|
||||
* considered to be a third party analysis and is treated differently when calculating SLOs.
|
||||
* considered to be a third party analysis and is treated differently when calculating SLOs. To ensure
|
||||
* misconfigured workflows are not treated as third party, only the upload-sarif action can return false.
|
||||
*/
|
||||
function isFirstPartyAnalysis() {
|
||||
function isFirstPartyAnalysis(actionName) {
|
||||
if (actionName !== "upload-sarif") {
|
||||
return true;
|
||||
}
|
||||
return process.env[environment_1.EnvVar.INIT_ACTION_HAS_RUN] === "true";
|
||||
}
|
||||
exports.isFirstPartyAnalysis = isFirstPartyAnalysis;
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
2
lib/status-report.js
generated
2
lib/status-report.js
generated
|
|
@ -100,7 +100,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, diskI
|
|||
action_version: (0, actions_util_1.getActionVersion)(),
|
||||
analysis_key,
|
||||
commit_oid: commitOid,
|
||||
first_party_analysis: (0, actions_util_1.isFirstPartyAnalysis)(),
|
||||
first_party_analysis: (0, actions_util_1.isFirstPartyAnalysis)(actionName),
|
||||
job_name: jobName,
|
||||
job_run_uuid: jobRunUUID,
|
||||
ref,
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
9
lib/status-report.test.js
generated
9
lib/status-report.test.js
generated
|
|
@ -83,11 +83,14 @@ const util_1 = require("./util");
|
|||
process.env["RUNNER_TEMP"] = tmpDir;
|
||||
const getRequiredInput = sinon.stub(actionsUtil, "getRequiredInput");
|
||||
getRequiredInput.withArgs("matrix").resolves("input/matrix");
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("init", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, false);
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("upload-sarif", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, false);
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("autobuild", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, true);
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "foobar";
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("init", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, false);
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "true";
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("upload-sarif", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, false);
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("init", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, true);
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "true";
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("upload-sarif", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, true);
|
||||
t.is((await (0, status_report_1.createStatusReportBase)("finish", "failure", new Date("May 19, 2023 05:19:00"), { numAvailableBytes: 100, numTotalBytes: 500 }, "failure cause", "exception stack trace")).first_party_analysis, true);
|
||||
});
|
||||
});
|
||||
//# sourceMappingURL=status-report.test.js.map
|
||||
|
|
@ -1 +1 @@
|
|||
{"version":3,"file":"status-report.test.js","sourceRoot":"","sources":["../src/status-report.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,+CAAuC;AACvC,mDAAyD;AACzD,mDAA+D;AAC/D,iCAAoC;AAEpC,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACzC,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,cAAc,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,iBAAiB,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,oBAAoB,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,GAAG,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,cAAc,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC;QAEnC,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACrE,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,MAAM,IAAA,sCAAsB,EAC/C,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CAAC;QAEF,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QACvC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACzC,CAAC,CAAC,EAAE,CAAC,OAAO,YAAY,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CACF,YAAY,CAAC,iBAAiB,EAC9B,IAAI,IAAI,CAAC,uBAAuB,CAAC,CAAC,WAAW,EAAE,CAChD,CAAC;QACF,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QAChD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;QAC1C,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;QACtD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7D,CAAC,CAAC,EAAE,CAAC,OAAO,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,
CAAC;QAClD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;QACrE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;QACvD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAE,CAAC,CAAC;QACxE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACrC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC;QACvE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,oBAAoB,EAAE,CAAC,CAAC,CAAC;QAC3C,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,mCAAmC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACpD,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,cAAc,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,iBAAiB,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,oBAAoB,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,GAAG,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,cAAc,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACrE,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAE7D,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,KAAK,CACN,CAAC;QAEF,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,QAAQ,CAAC;QACrD,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,KAAK,CACN,CAAC;QAEF,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,MAAM,CAAC;
QACnD,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,IAAI,CACL,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
||||
{"version":3,"file":"status-report.test.js","sourceRoot":"","sources":["../src/status-report.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,+CAAuC;AACvC,mDAAyD;AACzD,mDAA+D;AAC/D,iCAAoC;AAEpC,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACzC,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,cAAc,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,iBAAiB,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,oBAAoB,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,GAAG,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,cAAc,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC;QAEnC,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACrE,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,MAAM,IAAA,sCAAsB,EAC/C,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CAAC;QAEF,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QACvC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACzC,CAAC,CAAC,EAAE,CAAC,OAAO,YAAY,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CACF,YAAY,CAAC,iBAAiB,EAC9B,IAAI,IAAI,CAAC,uBAAuB,CAAC,CAAC,WAAW,EAAE,CAChD,CAAC;QACF,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QAChD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;QAC1C,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;QACtD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7D,CAAC,CAAC,EAAE,CAAC,OAAO,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,
CAAC;QAClD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;QACrE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;QACvD,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAE,CAAC,CAAC;QACxE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACrC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC;QACvE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,oBAAoB,EAAE,CAAC,CAAC,CAAC;QAC3C,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,mCAAmC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACpD,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,cAAc,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,iBAAiB,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,oBAAoB,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,GAAG,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,cAAc,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACrE,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAE7D,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,cAAc,EACd,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,KAAK,CACN,CAAC;QAEF,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,IAAI,CACL,CAAC;QAEF,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,QAAQ,CAAC;QACrD,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B
,cAAc,EACd,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,KAAK,CACN,CAAC;QAEF,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,MAAM,EACN,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,IAAI,CACL,CAAC;QAEF,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,MAAM,CAAC;QACnD,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,cAAc,EACd,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,IAAI,CACL,CAAC;QAEF,CAAC,CAAC,EAAE,CACF,CACE,MAAM,IAAA,sCAAsB,EAC1B,QAAQ,EACR,SAAS,EACT,IAAI,IAAI,CAAC,uBAAuB,CAAC,EACjC,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,EAC9C,eAAe,EACf,uBAAuB,CACxB,CACF,CAAC,oBAAoB,EACtB,IAAI,CACL,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
||||
|
|
@ -15,6 +15,14 @@ import {
|
|||
ConfigurationError,
|
||||
} from "./util";
|
||||
|
||||
export type ActionName =
|
||||
| "autobuild"
|
||||
| "finish"
|
||||
| "init"
|
||||
| "init-post"
|
||||
| "resolve-environment"
|
||||
| "upload-sarif";
|
||||
|
||||
// eslint-disable-next-line import/no-commonjs
|
||||
const pkg = require("../package.json") as JSONSchemaForNPMPackageJsonFiles;
|
||||
|
||||
|
|
@ -265,9 +273,13 @@ export function getActionVersion(): string {
|
|||
*
|
||||
* This is based on whether the init action has been used, which is only used for first party analysis.
|
||||
* When a SARIF file has been generated by other means and submitted using the upload action, this is
|
||||
* considered to be a third party analysis and is treated differently when calculating SLOs.
|
||||
* considered to be a third party analysis and is treated differently when calculating SLOs. To ensure
|
||||
* misconfigured workflows are not treated as third party, only the upload-sarif action can return false.
|
||||
*/
|
||||
export function isFirstPartyAnalysis(): boolean {
|
||||
export function isFirstPartyAnalysis(actionName: ActionName): boolean {
|
||||
if (actionName !== "upload-sarif") {
|
||||
return true;
|
||||
}
|
||||
return process.env[EnvVar.INIT_ACTION_HAS_RUN] === "true";
|
||||
}
|
||||
|
||||
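Review bot: The doc comment on `isFirstPartyAnalysis` still opens with "This is based on whether the init action has been used", but in the new body that holds only when `actionName` is `"upload-sarif"`; every other `ActionName` returns `true` without reading `EnvVar.INIT_ACTION_HAS_RUN`. I would reword that opening sentence and add a parameter line such as `@param actionName The action building the status report; only "upload-sarif" consults INIT_ACTION_HAS_RUN.` The `upload-sarif` result is also still read from a process environment variable, which is presumably writable by earlier steps of the same workflow. The comment should therefore say that `first_party_analysis` is a self-reported classification, not an authenticated signal that consumers of the status report can rely on.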
|
|
|
|||
|
|
@ -79,7 +79,7 @@ test("createStatusReportBase_firstParty", async (t) => {
|
|||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
"init",
|
||||
"upload-sarif",
|
||||
"failure",
|
||||
new Date("May 19, 2023 05:19:00"),
|
||||
{ numAvailableBytes: 100, numTotalBytes: 500 },
|
||||
|
|
@ -90,11 +90,25 @@ test("createStatusReportBase_firstParty", async (t) => {
|
|||
false,
|
||||
);
|
||||
|
||||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
"autobuild",
|
||||
"failure",
|
||||
new Date("May 19, 2023 05:19:00"),
|
||||
{ numAvailableBytes: 100, numTotalBytes: 500 },
|
||||
"failure cause",
|
||||
"exception stack trace",
|
||||
)
|
||||
).first_party_analysis,
|
||||
true,
|
||||
);
|
||||
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "foobar";
|
||||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
"init",
|
||||
"upload-sarif",
|
||||
"failure",
|
||||
new Date("May 19, 2023 05:19:00"),
|
||||
{ numAvailableBytes: 100, numTotalBytes: 500 },
|
||||
|
|
@ -105,7 +119,6 @@ test("createStatusReportBase_firstParty", async (t) => {
|
|||
false,
|
||||
);
|
||||
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "true";
|
||||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
|
|
@ -119,5 +132,34 @@ test("createStatusReportBase_firstParty", async (t) => {
|
|||
).first_party_analysis,
|
||||
true,
|
||||
);
|
||||
|
||||
process.env["CODEQL_INIT_ACTION_HAS_RUN"] = "true";
|
||||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
"upload-sarif",
|
||||
"failure",
|
||||
new Date("May 19, 2023 05:19:00"),
|
||||
{ numAvailableBytes: 100, numTotalBytes: 500 },
|
||||
"failure cause",
|
||||
"exception stack trace",
|
||||
)
|
||||
).first_party_analysis,
|
||||
true,
|
||||
);
|
||||
|
||||
t.is(
|
||||
(
|
||||
await createStatusReportBase(
|
||||
"finish",
|
||||
"failure",
|
||||
new Date("May 19, 2023 05:19:00"),
|
||||
{ numAvailableBytes: 100, numTotalBytes: 500 },
|
||||
"failure cause",
|
||||
"exception stack trace",
|
||||
)
|
||||
).first_party_analysis,
|
||||
true,
|
||||
);
|
||||
});
|
||||
});
|
||||
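Review bot: The first `upload-sarif` assertion in `createStatusReportBase_firstParty` expects `false` before the test has written `CODEQL_INIT_ACTION_HAS_RUN`, so it passes only when that variable is not already `"true"` in the process running the tests. Unless the test setup (not visible in these hunks) already clears it, add `delete process.env["CODEQL_INIT_ACTION_HAS_RUN"];` before that assertion so the expected value does not depend on the ambient environment. The new cases cover `autobuild`, `init` and `finish`, while `init-post` and `resolve-environment` from `ActionName` are not exercised; a short loop over the non-upload names would pin the always-`true` branch for all of them. The test body starts outside the hunks shown here.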
|
|
|
|||
|
|
@ -11,6 +11,7 @@ import {
|
|||
getActionVersion,
|
||||
getRequiredInput,
|
||||
isFirstPartyAnalysis,
|
||||
ActionName,
|
||||
} from "./actions-util";
|
||||
import { getAnalysisKey, getApiClient } from "./api-client";
|
||||
import { EnvVar } from "./environment";
|
||||
|
|
@ -24,14 +25,6 @@ import {
|
|||
DiskUsage,
|
||||
} from "./util";
|
||||
|
||||
export type ActionName =
|
||||
| "autobuild"
|
||||
| "finish"
|
||||
| "init"
|
||||
| "init-post"
|
||||
| "resolve-environment"
|
||||
| "upload-sarif";
|
||||
|
||||
export type ActionStatus =
|
||||
| "aborted" // Only used in the init Action, if init failed before initializing the tracer due to something other than a configuration error.
|
||||
| "failure"
|
||||
|
|
@ -230,7 +223,7 @@ export async function createStatusReportBase(
|
|||
action_version: getActionVersion(),
|
||||
analysis_key,
|
||||
commit_oid: commitOid,
|
||||
first_party_analysis: isFirstPartyAnalysis(),
|
||||
first_party_analysis: isFirstPartyAnalysis(actionName),
|
||||
job_name: jobName,
|
||||
job_run_uuid: jobRunUUID,
|
||||
ref,
|
||||
|
|
|
|||