robojerk/codeql-action
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1384 commits 0 branches 1 tag 471 MiB
Commit graph

98 commits

Author SHA1 Message Date
Robert
2a9a602a5e Upload databases from analyze action 2021-06-10 16:09:58 +01:00
Edoardo Pirovano
babcc1b793 Add --finalize-dataset to database finalize call 2021-06-09 16:52:39 +01:00
Edoardo Pirovano
2cc885d66e Replace analyze with run-queries and interpret-results 2021-06-08 09:25:17 +01:00
Edoardo Pirovano
1644ade514 Add --sarif-group-rules-by-pack flag 2021-06-06 09:56:54 +01:00
Edoardo Pirovano
ddb83a462d Cleanup CodeQL DBs and output their location for later steps 2021-06-04 18:54:15 +01:00
Andrew Eisenberg
3708898bf2 Add environment variables to signal feature and version to the CLI 
This PR ensures environment variables are set before any invocation of
the CLI.  Here is a list of vars that are set:

https://github.com/github/codeql-coreql-team/issues/1124#issuecomment-852463521

This ensures the CLI knows the features and versions of the containing
actions/runner.

Additionally:

- Fix the user agent so that it more closely aligns with user agent
  spec
- Refactor environment variable initialization so that it all happens in
  one place and call.
- Move Mode, getRequiredEnvParam, setMode, getMode out of actions-util
  and into util. actions-util is meant for utils only called by the
  action, not the runner.

The `prepareLocalRunEnvironment()` method is most likely deprecated and
should be removed. I originally added it because I had a way of working
where I would run the action from my local machine to test out changes,
but this was always a little flaky. So, I no longer use this way of
working. I will probably remove it soon.
 2021-06-02 11:06:02 -07:00
Andrew Eisenberg
47588796b4 Send the version and mode with the user agent 
This commit changes the way the action determines if running in action
or runner mode. There is now an environment variable that is set at the
beginning of the process and elsewhere in the process, we can check to
see if the variable is set.
 2021-05-31 09:03:29 -07:00
Arthur Baars
44c6b33642 Address comments 2021-05-24 11:00:02 +02:00
Arthur Baars
4f51b8c47e Check available languages 2021-05-23 21:14:07 +02:00
Arthur Baars
69cc3550c8 Use --additional-packs instead of --search-path 2021-05-21 10:40:06 +02:00
Aditya Sharad
512d4671bc
Decode CodeQL stdout as UTF-8 2021-05-20 14:08:29 -07:00
Aditya Sharad
19fe63f821
Analyze: Log the analysis summary in its own group 
Fix grouping of the analysis logs, so that custom query logs also get grouped.
Capture the stdout of codeql database analyze, which contains the analysis summary
from summary and diagnostic queries.
Log this output in its own group, along with the baseline computed in the Action.
 2021-05-20 12:32:09 -07:00
Henning Makholm
e7d4215894 Add warnings about CLI hack to codeql.ts 
These warnings refer to a hack that was added to the CLI in
https://github.com/github/semmle-code/pull/39335

They can be removed again once the CLI has a more principled way for
the CLI to recognize that it's being invoked by the runner/action.
 2021-05-14 21:23:13 +02:00
David Verdeguer
ea18d47a2b Merge branch 'main' into daverlo/categoryInput 2021-05-10 14:54:09 +02:00
Henry Mercer
2c0a85753e Log each query as it's interpreted when calling codeql database analyze 2021-05-05 18:12:16 +01:00
David Verdeguer
c93cbc943a Forward category input to codeql cli 2021-05-03 19:41:53 +02:00
Robert
8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
Edoardo Pirovano
578f9fc99e Add external git repositories to search path for custom queries 2021-04-21 17:40:56 +01:00
Robert
5004a54ed3 Merge branch 'main' into robertbrignull/toolcache-query-safety 2021-03-16 15:29:47 +00:00
Robert
d698cb3d2b Make unguarded-action-lib better at ignoring uses of toolcache 2021-03-16 13:14:17 +00:00
Robert
09024e50d4 make control flow cleaer to fix query alert 2021-03-16 12:07:00 +00:00
Chris Gavin
bb51ece0b4
When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first. 2021-03-07 11:18:54 +00:00
Chris Gavin
f8c5dacab5
Also look for the CodeQL bundle at the custom GitHub AE endpoint. 2021-02-15 19:41:41 +00:00
Chris Gavin
d182a0e3aa
Fix deduplication of bundle download sources. 2021-01-26 16:56:43 +00:00
Robin Neatherway
dff118f7ad Use version information to construct payload 2020-11-30 16:45:18 +00:00
Robert
81a21bfa1e Request meta endpoint at the start of execution 2020-11-26 17:54:46 +00:00
Sam Partington
20567b5888 Introduce parameter object for API params that travel together 2020-11-23 14:39:01 +00:00
Eric Cornelissen
6aaf0483f0 Merge branch 'main' into fix-typos 2020-11-20 14:32:12 +01:00
Eric Cornelissen
5416d4f3b5 Run npm run build 2020-11-20 11:35:59 +01:00
Eric Cornelissen
847f4ef293 Run npm run build 2020-11-19 23:03:45 +01:00
Robert
0d960df08a Merge branch 'main' into robertbrignull/tools_version 2020-11-18 11:25:46 +00:00
Chris Gavin
f94e06a382
Merge main into add-multi-cause-markdown-flag. 2020-11-18 08:26:39 +00:00
Robert
1737b806ff check if running locally 2020-11-12 14:18:58 +00:00
Robert
80b43ca9d3 send action ref and tool version in status reports 2020-11-12 12:27:31 +00:00
Chris Gavin
bf30ea69d6
Make use of the GITHUB_ACTION_REPOSITORY environment variable if it is set. 2020-11-10 13:30:20 +00:00
Andrew Eisenberg
bc1ee1620f
Add the --threads config option to finalize db (#281) 
This flag is already being used for `runQueries`, so let's use it for
finalize as well.
 2020-11-03 08:25:40 -08:00
Chris Gavin
b16110e60e
Log the version warning a second time if a request fails unexpectedly. 2020-11-03 12:57:15 +00:00
Chris Gavin
5e2fa08dae
Merge main into check-api-version. 2020-11-02 09:02:05 +00:00
Chris Gavin
865b4bd832
Pass a logger in to getApiClient() rather than constructing one there. 2020-11-02 08:53:25 +00:00
Chris Gavin
1220ae5bfd
Log a warning if the API version is not supported. 2020-10-30 12:20:06 +00:00
David Verdeguer
04e7c3cfe7 Merge branch 'main' into daverlo/min-disk-free 2020-10-30 11:25:55 +01:00
Chris Gavin
2d75893188
Enable the CodeQL SARIF multi-cause markdown flag. 2020-10-27 13:50:40 +00:00
Chris Raynor
6d01157d11
Merge branch 'cbraynor/fix206' into cbraynor/fix201 2020-10-01 11:17:59 +01:00
Chris Raynor
10479a214a
Merge branch 'main' into cbraynor/fix206 2020-10-01 11:09:05 +01:00
Chris Raynor
122c9b7f24
Switching to import/order instead of sort-imports 2020-10-01 11:03:46 +01:00
Marco Gario
d5029a8680 Platform specific bundle 2020-10-01 10:04:48 +02:00
Chris Raynor
8200c137dc
Resolve violations of import/no-extraneous-dependencies lint 
Fixes #201
 2020-09-29 15:03:21 +01:00
Chris Raynor
228546a1e5
Resolve violations of sort-imports lint 
Resolves #206
 2020-09-29 14:43:37 +01:00
David Verdeguer
7753dec413 Add min disk free flag to database analyze: 2020-09-24 11:42:21 +02:00
Michael Huynh
80b408e704
Resolve violations of eslint-comments/no-use lint 
Resolves #197
 2020-09-23 20:25:45 +08:00