name: Check queries that ran

on:
  push:
    branches:
    - main
    - releases/v*
  pull_request:
    types:
    - opened
    - synchronize
    - reopened
    - ready_for_review
  schedule:
    - cron: '0 5 * * *'
  workflow_dispatch: {}

jobs:
  expected-queries:
    name: Expected Queries Tests
    env:
      CODEQL_ACTION_TEST_MODE: true
    timeout-minutes: 45
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: read
    steps:
    - name: Check out repository
      uses: actions/checkout@v4
    - name: Prepare test
      id: prepare-test
      uses: ./.github/actions/prepare-test
      with:
        version: linked
    - uses: ./../action/init
      with:
        languages: javascript
        tools: ${{ steps.prepare-test.outputs.tools-url }}
    - uses: ./../action/analyze
      with:
        output: ${{ runner.temp }}/results

    - name: Check Sarif
      uses: ./../action/.github/actions/check-sarif
      with:
        sarif-file: ${{ runner.temp }}/results/javascript.sarif
        queries-run: js/incomplete-hostname-regexp,js/path-injection
        queries-not-run: foo,bar