From c208575433087202f0e1ff273fe4421edadc0e10 Mon Sep 17 00:00:00 2001 From: Andrew Eisenberg Date: Tue, 14 Mar 2023 14:55:58 -0700 Subject: [PATCH] Avoid uploading databases after integration tests We are still getting coverage of the upload capability through the standard codeql analysis workflow. --- .github/workflows/__analyze-ref-input.yml | 1 + .github/workflows/__autobuild-action.yml | 2 ++ .github/workflows/__go-custom-queries.yml | 2 ++ .github/workflows/__go-tracing-autobuilder.yml | 2 ++ .github/workflows/__go-tracing-custom-build-steps.yml | 2 ++ .github/workflows/__go-tracing-legacy-workflow.yml | 2 ++ .github/workflows/__javascript-source-root.yml | 1 + .github/workflows/__multi-language-autodetect.yml | 2 ++ .../workflows/__packaging-codescanning-config-inputs-js.yml | 1 + .github/workflows/__packaging-config-inputs-js.yml | 1 + .github/workflows/__packaging-config-js.yml | 1 + .github/workflows/__ruby.yml | 2 ++ .github/workflows/__split-workflow.yml | 1 + .github/workflows/__swift-autobuild.yml | 2 ++ .github/workflows/__swift-custom-build.yml | 2 ++ .github/workflows/__test-autobuild-working-dir.yml | 2 ++ .github/workflows/__test-local-codeql.yml | 2 ++ .github/workflows/__test-proxy.yml | 2 ++ .github/workflows/__unset-environment.yml | 2 ++ .github/workflows/__upload-ref-sha-input.yml | 1 + .github/workflows/__with-checkout-path.yml | 1 + pr-checks/checks/analyze-ref-input.yml | 1 + pr-checks/checks/autobuild-action.yml | 2 ++ pr-checks/checks/go-custom-queries.yml | 4 +++- pr-checks/checks/go-tracing-autobuilder.yml | 2 ++ pr-checks/checks/go-tracing-custom-build-steps.yml | 2 ++ pr-checks/checks/go-tracing-legacy-workflow.yml | 2 ++ pr-checks/checks/javascript-source-root.yml | 1 + pr-checks/checks/multi-language-autodetect.yml | 4 +++- pr-checks/checks/packaging-codescanning-config-inputs-js.yml | 1 + pr-checks/checks/packaging-config-inputs-js.yml | 1 + pr-checks/checks/packaging-config-js.yml | 1 + pr-checks/checks/ruby.yml | 2 ++ pr-checks/checks/split-workflow.yml | 1 + pr-checks/checks/swift-autobuild.yml | 2 ++ pr-checks/checks/swift-custom-build.yml | 2 ++ pr-checks/checks/test-autobuild-working-dir.yml | 2 ++ pr-checks/checks/test-local-codeql.yml | 2 ++ pr-checks/checks/test-proxy.yml | 2 ++ pr-checks/checks/unset-environment.yml | 2 ++ pr-checks/checks/upload-ref-sha-input.yml | 1 + pr-checks/checks/with-checkout-path.yml | 1 + 42 files changed, 70 insertions(+), 2 deletions(-) diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index 357fda7d0a..3d19c1490d 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -88,6 +88,7 @@ jobs: run: ./build.sh - uses: ./../action/analyze with: + upload-database: false ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 env: diff --git a/.github/workflows/__autobuild-action.yml b/.github/workflows/__autobuild-action.yml index 5e3a1a8625..f99a4dc59f 100644 --- a/.github/workflows/__autobuild-action.yml +++ b/.github/workflows/__autobuild-action.yml @@ -56,6 +56,8 @@ jobs: CORECLR_PROFILER: '' CORECLR_PROFILER_PATH_64: '' - uses: ./../action/analyze + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/.github/workflows/__go-custom-queries.yml b/.github/workflows/__go-custom-queries.yml index a3f7209211..b011d9b5cc 100644 --- a/.github/workflows/__go-custom-queries.yml +++ b/.github/workflows/__go-custom-queries.yml @@ -86,6 +86,8 @@ jobs: shell: bash run: ./build.sh - uses: ./../action/analyze + with: + upload-database: false env: DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false' CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__go-tracing-autobuilder.yml b/.github/workflows/__go-tracing-autobuilder.yml index 6ddb46b90a..4175ef3a46 100644 --- a/.github/workflows/__go-tracing-autobuilder.yml +++ b/.github/workflows/__go-tracing-autobuilder.yml @@ -71,6 +71,8 @@ jobs: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/autobuild - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then diff --git a/.github/workflows/__go-tracing-custom-build-steps.yml b/.github/workflows/__go-tracing-custom-build-steps.yml index 8f416388c7..06e27583c0 100644 --- a/.github/workflows/__go-tracing-custom-build-steps.yml +++ b/.github/workflows/__go-tracing-custom-build-steps.yml @@ -73,6 +73,8 @@ jobs: shell: bash run: go build main.go - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | # Once we start running Bash 4.2 in all environments, we can replace the diff --git a/.github/workflows/__go-tracing-legacy-workflow.yml b/.github/workflows/__go-tracing-legacy-workflow.yml index 21ba978309..3511805c73 100644 --- a/.github/workflows/__go-tracing-legacy-workflow.yml +++ b/.github/workflows/__go-tracing-legacy-workflow.yml @@ -70,6 +70,8 @@ jobs: languages: go tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | cd "$RUNNER_TEMP/codeql_databases" diff --git a/.github/workflows/__javascript-source-root.yml b/.github/workflows/__javascript-source-root.yml index 369de3aa1c..5f81c7c13a 100644 --- a/.github/workflows/__javascript-source-root.yml +++ b/.github/workflows/__javascript-source-root.yml @@ -54,6 +54,7 @@ jobs: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze with: + upload-database: false skip-queries: true upload: false - name: Assert database exists diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index 44552b1c25..8b3d90eed0 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -81,6 +81,8 @@ jobs: - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check language autodetect for all languages excluding Ruby, Swift shell: bash diff --git a/.github/workflows/__packaging-codescanning-config-inputs-js.yml b/.github/workflows/__packaging-codescanning-config-inputs-js.yml index aab56afa65..7a86504374 100644 --- a/.github/workflows/__packaging-codescanning-config-inputs-js.yml +++ b/.github/workflows/__packaging-codescanning-config-inputs-js.yml @@ -66,6 +66,7 @@ jobs: - uses: ./../action/analyze with: output: ${{ runner.temp }}/results + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/.github/workflows/__packaging-config-inputs-js.yml b/.github/workflows/__packaging-config-inputs-js.yml index 0963924765..5fde2b92ca 100644 --- a/.github/workflows/__packaging-config-inputs-js.yml +++ b/.github/workflows/__packaging-config-inputs-js.yml @@ -66,6 +66,7 @@ jobs: - uses: ./../action/analyze with: output: ${{ runner.temp }}/results + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/.github/workflows/__packaging-config-js.yml b/.github/workflows/__packaging-config-js.yml index ebb0b0f1eb..04b330fea1 100644 --- a/.github/workflows/__packaging-config-js.yml +++ b/.github/workflows/__packaging-config-js.yml @@ -65,6 +65,7 @@ jobs: - uses: ./../action/analyze with: output: ${{ runner.temp }}/results + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/.github/workflows/__ruby.yml b/.github/workflows/__ruby.yml index 2df8f1f456..cb1b505d5d 100644 --- a/.github/workflows/__ruby.yml +++ b/.github/workflows/__ruby.yml @@ -54,6 +54,8 @@ jobs: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/.github/workflows/__split-workflow.yml b/.github/workflows/__split-workflow.yml index 036c912914..7d3a2650e1 100644 --- a/.github/workflows/__split-workflow.yml +++ b/.github/workflows/__split-workflow.yml @@ -61,6 +61,7 @@ jobs: with: skip-queries: true output: ${{ runner.temp }}/results + upload-database: false - name: Assert No Results shell: bash diff --git a/.github/workflows/__swift-autobuild.yml b/.github/workflows/__swift-autobuild.yml index 9a581d3cf3..829a82975c 100644 --- a/.github/workflows/__swift-autobuild.yml +++ b/.github/workflows/__swift-autobuild.yml @@ -57,6 +57,8 @@ jobs: timeout-minutes: 10 - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/.github/workflows/__swift-custom-build.yml b/.github/workflows/__swift-custom-build.yml index dbade7b300..d10246db14 100644 --- a/.github/workflows/__swift-custom-build.yml +++ b/.github/workflows/__swift-custom-build.yml @@ -64,6 +64,8 @@ jobs: run: ./build.sh - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/.github/workflows/__test-autobuild-working-dir.yml b/.github/workflows/__test-autobuild-working-dir.yml index c6d13ab7b4..b0baa3b3f5 100644 --- a/.github/workflows/__test-autobuild-working-dir.yml +++ b/.github/workflows/__test-autobuild-working-dir.yml @@ -53,6 +53,8 @@ jobs: with: working-directory: autobuild-dir - uses: ./../action/analyze + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/.github/workflows/__test-local-codeql.yml b/.github/workflows/__test-local-codeql.yml index 6d9312ee2c..f5c5ff669f 100644 --- a/.github/workflows/__test-local-codeql.yml +++ b/.github/workflows/__test-local-codeql.yml @@ -51,5 +51,7 @@ jobs: shell: bash run: ./build.sh - uses: ./../action/analyze + with: + upload-database: false env: CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__test-proxy.yml b/.github/workflows/__test-proxy.yml index 82fcf7460c..9895f01843 100644 --- a/.github/workflows/__test-proxy.yml +++ b/.github/workflows/__test-proxy.yml @@ -43,6 +43,8 @@ jobs: languages: javascript tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze + with: + upload-database: false env: https_proxy: http://squid-proxy:3128 CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index dcba338e44..8b54633c57 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -65,6 +65,8 @@ jobs: ./build.sh - uses: ./../action/analyze id: analysis + with: + upload-database: false - shell: bash run: | CPP_DB="${{ fromJson(steps.analysis.outputs.db-locations).cpp }}" diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index 7c7a24f240..5336d4aa85 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -88,6 +88,7 @@ jobs: run: ./build.sh - uses: ./../action/analyze with: + upload-database: false ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 upload: false diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index 84c822374f..9b44a04c2e 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -104,6 +104,7 @@ jobs: ref: v1.1.0 sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 upload: false + upload-database: false - uses: ./../action/upload-sarif with: diff --git a/pr-checks/checks/analyze-ref-input.yml b/pr-checks/checks/analyze-ref-input.yml index 7948c3d5da..5baf088816 100644 --- a/pr-checks/checks/analyze-ref-input.yml +++ b/pr-checks/checks/analyze-ref-input.yml @@ -11,5 +11,6 @@ steps: run: ./build.sh - uses: ./../action/analyze with: + upload-database: false ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' diff --git a/pr-checks/checks/autobuild-action.yml b/pr-checks/checks/autobuild-action.yml index c219e41fe3..aa3cbdcca6 100644 --- a/pr-checks/checks/autobuild-action.yml +++ b/pr-checks/checks/autobuild-action.yml @@ -16,6 +16,8 @@ steps: CORECLR_PROFILER: "" CORECLR_PROFILER_PATH_64: "" - uses: ./../action/analyze + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/pr-checks/checks/go-custom-queries.yml b/pr-checks/checks/go-custom-queries.yml index 518c51a9f1..4d15805971 100644 --- a/pr-checks/checks/go-custom-queries.yml +++ b/pr-checks/checks/go-custom-queries.yml @@ -1,6 +1,6 @@ name: "Go: Custom queries" description: "Checks that Go works in conjunction with a config file specifying custom queries" -env: +env: DOTNET_GENERATE_ASPNET_CERTIFICATE: "false" steps: - uses: ./../action/init @@ -12,3 +12,5 @@ steps: shell: bash run: ./build.sh - uses: ./../action/analyze + with: + upload-database: false diff --git a/pr-checks/checks/go-tracing-autobuilder.yml b/pr-checks/checks/go-tracing-autobuilder.yml index 4c01f02d62..87fe3120eb 100644 --- a/pr-checks/checks/go-tracing-autobuilder.yml +++ b/pr-checks/checks/go-tracing-autobuilder.yml @@ -10,6 +10,8 @@ steps: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/autobuild - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then diff --git a/pr-checks/checks/go-tracing-custom-build-steps.yml b/pr-checks/checks/go-tracing-custom-build-steps.yml index 1490717694..bc6ce396ab 100644 --- a/pr-checks/checks/go-tracing-custom-build-steps.yml +++ b/pr-checks/checks/go-tracing-custom-build-steps.yml @@ -10,6 +10,8 @@ steps: shell: bash run: go build main.go - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | # Once we start running Bash 4.2 in all environments, we can replace the diff --git a/pr-checks/checks/go-tracing-legacy-workflow.yml b/pr-checks/checks/go-tracing-legacy-workflow.yml index 010d425f55..e6f91d0802 100644 --- a/pr-checks/checks/go-tracing-legacy-workflow.yml +++ b/pr-checks/checks/go-tracing-legacy-workflow.yml @@ -9,6 +9,8 @@ steps: languages: go tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze + with: + upload-database: false - shell: bash run: | cd "$RUNNER_TEMP/codeql_databases" diff --git a/pr-checks/checks/javascript-source-root.yml b/pr-checks/checks/javascript-source-root.yml index ed85a604d1..bf97e098d4 100644 --- a/pr-checks/checks/javascript-source-root.yml +++ b/pr-checks/checks/javascript-source-root.yml @@ -15,6 +15,7 @@ steps: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze with: + upload-database: false skip-queries: true upload: false - name: Assert database exists diff --git a/pr-checks/checks/multi-language-autodetect.yml b/pr-checks/checks/multi-language-autodetect.yml index 9b9b5336c5..73d520799a 100644 --- a/pr-checks/checks/multi-language-autodetect.yml +++ b/pr-checks/checks/multi-language-autodetect.yml @@ -9,7 +9,7 @@ steps: with: db-location: "${{ runner.temp }}/customDbLocation" tools: ${{ steps.prepare-test.outputs.tools-url }} - + - uses: ./../action/.github/setup-swift with: codeql-path: ${{steps.init.outputs.codeql-path}} @@ -20,6 +20,8 @@ steps: - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check language autodetect for all languages excluding Ruby, Swift shell: bash diff --git a/pr-checks/checks/packaging-codescanning-config-inputs-js.yml b/pr-checks/checks/packaging-codescanning-config-inputs-js.yml index 94f42cb7b5..6444593122 100644 --- a/pr-checks/checks/packaging-codescanning-config-inputs-js.yml +++ b/pr-checks/checks/packaging-codescanning-config-inputs-js.yml @@ -18,6 +18,7 @@ steps: - uses: ./../action/analyze with: output: "${{ runner.temp }}/results" + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/pr-checks/checks/packaging-config-inputs-js.yml b/pr-checks/checks/packaging-config-inputs-js.yml index 56d9344ec3..d942dceaf4 100644 --- a/pr-checks/checks/packaging-config-inputs-js.yml +++ b/pr-checks/checks/packaging-config-inputs-js.yml @@ -14,6 +14,7 @@ steps: - uses: ./../action/analyze with: output: "${{ runner.temp }}/results" + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/pr-checks/checks/packaging-config-js.yml b/pr-checks/checks/packaging-config-js.yml index 40334228bc..1d39ba8ca4 100644 --- a/pr-checks/checks/packaging-config-js.yml +++ b/pr-checks/checks/packaging-config-js.yml @@ -13,6 +13,7 @@ steps: - uses: ./../action/analyze with: output: "${{ runner.temp }}/results" + upload-database: false - name: Check results uses: ./../action/.github/check-sarif diff --git a/pr-checks/checks/ruby.yml b/pr-checks/checks/ruby.yml index 3b4279aa66..53891a71af 100644 --- a/pr-checks/checks/ruby.yml +++ b/pr-checks/checks/ruby.yml @@ -9,6 +9,8 @@ steps: tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/pr-checks/checks/split-workflow.yml b/pr-checks/checks/split-workflow.yml index 6e802c22fb..529d885fd5 100644 --- a/pr-checks/checks/split-workflow.yml +++ b/pr-checks/checks/split-workflow.yml @@ -16,6 +16,7 @@ steps: with: skip-queries: true output: "${{ runner.temp }}/results" + upload-database: false - name: Assert No Results shell: bash diff --git a/pr-checks/checks/swift-autobuild.yml b/pr-checks/checks/swift-autobuild.yml index 30faa0558c..dd48197700 100644 --- a/pr-checks/checks/swift-autobuild.yml +++ b/pr-checks/checks/swift-autobuild.yml @@ -21,6 +21,8 @@ steps: timeout-minutes: 10 - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/pr-checks/checks/swift-custom-build.yml b/pr-checks/checks/swift-custom-build.yml index b704e33584..1fc1dd5f34 100644 --- a/pr-checks/checks/swift-custom-build.yml +++ b/pr-checks/checks/swift-custom-build.yml @@ -22,6 +22,8 @@ steps: run: ./build.sh - uses: ./../action/analyze id: analysis + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/pr-checks/checks/test-autobuild-working-dir.yml b/pr-checks/checks/test-autobuild-working-dir.yml index 3d3a8b8406..56338ee325 100644 --- a/pr-checks/checks/test-autobuild-working-dir.yml +++ b/pr-checks/checks/test-autobuild-working-dir.yml @@ -18,6 +18,8 @@ steps: with: working-directory: autobuild-dir - uses: ./../action/analyze + with: + upload-database: false - name: Check database shell: bash run: | diff --git a/pr-checks/checks/test-local-codeql.yml b/pr-checks/checks/test-local-codeql.yml index 3a7edc9813..b999897bbd 100644 --- a/pr-checks/checks/test-local-codeql.yml +++ b/pr-checks/checks/test-local-codeql.yml @@ -16,3 +16,5 @@ steps: shell: bash run: ./build.sh - uses: ./../action/analyze + with: + upload-database: false diff --git a/pr-checks/checks/test-proxy.yml b/pr-checks/checks/test-proxy.yml index fd0d4f98bf..33955004e7 100644 --- a/pr-checks/checks/test-proxy.yml +++ b/pr-checks/checks/test-proxy.yml @@ -18,3 +18,5 @@ steps: languages: javascript tools: ${{ steps.prepare-test.outputs.tools-url }} - uses: ./../action/analyze + with: + upload-database: false diff --git a/pr-checks/checks/unset-environment.yml b/pr-checks/checks/unset-environment.yml index 6e36c07863..965afcfd2e 100644 --- a/pr-checks/checks/unset-environment.yml +++ b/pr-checks/checks/unset-environment.yml @@ -13,6 +13,8 @@ steps: run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME" ./build.sh - uses: ./../action/analyze id: analysis + with: + upload-database: false - shell: bash run: | CPP_DB="${{ fromJson(steps.analysis.outputs.db-locations).cpp }}" diff --git a/pr-checks/checks/upload-ref-sha-input.yml b/pr-checks/checks/upload-ref-sha-input.yml index 2f8fe2ad32..452424cf2e 100644 --- a/pr-checks/checks/upload-ref-sha-input.yml +++ b/pr-checks/checks/upload-ref-sha-input.yml @@ -11,6 +11,7 @@ steps: run: ./build.sh - uses: ./../action/analyze with: + upload-database: false ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' upload: false diff --git a/pr-checks/checks/with-checkout-path.yml b/pr-checks/checks/with-checkout-path.yml index 23805b3b7e..f302423e48 100644 --- a/pr-checks/checks/with-checkout-path.yml +++ b/pr-checks/checks/with-checkout-path.yml @@ -30,6 +30,7 @@ steps: ref: v1.1.0 sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 upload: false + upload-database: false - uses: ./../action/upload-sarif with: