49 lines
1.9 KiB
YAML
49 lines
1.9 KiB
YAML
name: "Go: diagnostic when Go is changed after init step"
|
|
description: "Checks that we emit a diagnostic if Go is changed after the init step"
|
|
# only Linux is affected
|
|
operatingSystems: ["ubuntu"]
|
|
# pinned to a version which does not support statically linked binaries for indirect tracing
|
|
versions: ["default"]
|
|
steps:
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
# We need a Go version that ships with statically linked binaries on Linux
|
|
go-version: ">=1.21.0"
|
|
- uses: ./../action/init
|
|
with:
|
|
languages: go
|
|
tools: ${{ steps.prepare-test.outputs.tools-url }}
|
|
# Deliberately change Go after the `init` step
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version: "1.20"
|
|
- name: Build code
|
|
shell: bash
|
|
run: go build main.go
|
|
- uses: ./../action/analyze
|
|
with:
|
|
output: "${{ runner.temp }}/results"
|
|
upload-database: false
|
|
- name: Check diagnostic appears in SARIF
|
|
uses: actions/github-script@v7
|
|
env:
|
|
SARIF_PATH: "${{ runner.temp }}/results/go.sarif"
|
|
with:
|
|
script: |
|
|
const fs = require('fs');
|
|
|
|
const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
|
|
const run = sarif.runs[0];
|
|
|
|
const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
|
|
const statusPageNotifications = toolExecutionNotifications.filter(n =>
|
|
n.descriptor.id === 'go/workflow/go-installed-after-codeql-init' && n.properties?.visibility?.statusPage
|
|
);
|
|
if (statusPageNotifications.length !== 1) {
|
|
core.setFailed(
|
|
'Expected exactly one status page reporting descriptor for this diagnostic in the ' +
|
|
`'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
|
|
`${statusPageNotifications.length}. All notification reporting descriptors: ` +
|
|
`${JSON.stringify(toolExecutionNotifications)}.`
|
|
);
|
|
}
|