# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
# to regenerate this file.

name: PR Check - Submit SARIF after failure
env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GO111MODULE: auto
on:
  push:
    branches:
      - main
      - releases/v*
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
  schedule:
    - cron: '0 5 * * *'
  workflow_dispatch: {}
jobs:
  submit-sarif-failure:
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-latest
            version: linked
          - os: ubuntu-latest
            version: default
          - os: ubuntu-latest
            version: nightly-latest
    name: Submit SARIF after failure
    permissions:
      contents: read
      security-events: write # needed to upload the SARIF file

    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
        id: prepare-test
        uses: ./.github/actions/prepare-test
        with:
          version: ${{ matrix.version }}
          use-all-platform-bundle: 'false'
          setup-kotlin: 'true'
      - uses: actions/checkout@v4
      - uses: ./init
        with:
          languages: javascript
          tools: ${{ steps.prepare-test.outputs.tools-url }}
      - name: Fail
    # We want this job to pass if the Action correctly uploads the SARIF file for
    # the failed run.
    # Setting this step to continue on error means that it is marked as completing
    # successfully, so will not fail the job.
        continue-on-error: true
        run: exit 1
      - uses: ./analyze
    # In a real workflow, this step wouldn't run. Since we used `continue-on-error`
    # above, we manually disable it with an `if` condition.
        if: false
        with:
          category: /test-codeql-version:${{ matrix.version }}
    env:
  # Internal-only environment variable used to indicate that the post-init Action
  # should expect to upload a SARIF file for the failed run.
      CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF: true
  # Make sure the uploading SARIF files feature is enabled.
      CODEQL_ACTION_UPLOAD_FAILED_SARIF: true
  # Upload the failed SARIF file as an integration test of the API endpoint.
      CODEQL_ACTION_TEST_MODE: false
  # Mark telemetry for this workflow so it can be treated separately.
      CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks