Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ref input #904

Merged
merged 16 commits into from
Feb 2, 2022
Merged

Add ref input #904

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
e9aa2c6
Add a permissions block for generated workflows
aeisenberg Feb 1, 2022
980fd4e
Adds ref and SHA as inputs, and sarif-id as output
cw-alexcroteau Jan 24, 2022
0dd4dbf
Apply documentation suggestions from code review
cw-alexcroteau Jan 25, 2022
5916f98
Applies recomendation in upload-sarif/action.yml
cw-alexcroteau Jan 25, 2022
1eaaf07
Adds check on inputs and compiled files
cw-alexcroteau Jan 26, 2022
1bfa9ac
Adds integration test and fixes linting
cw-alexcroteau Jan 26, 2022
260b4d5
Fixes integration test
cw-alexcroteau Jan 26, 2022
3cc8799
Updates javascript files
cw-alexcroteau Jan 26, 2022
63d0c78
Fixes integration tests referred repo
cw-alexcroteau Jan 26, 2022
dfe2bc4
Changes to commit hash in main branch
cw-alexcroteau Jan 26, 2022
9f36b75
Splits integration tests
cw-alexcroteau Jan 26, 2022
72f9a88
Regenerates test workflows
cw-alexcroteau Feb 1, 2022
13f97c8
Merge branch 'aeisenberg/permissions' into add-ref-input
aeisenberg Feb 1, 2022
6c6b8c3
Update the description of new inputs
aeisenberg Feb 1, 2022
9bfa05f
Merge pull request #3 from aeisenberg/aeisenberg/add-ref-input
cw-alexcroteau Feb 1, 2022
1a5b604
Merge branch 'main' into add-ref-input
cw-alexcroteau Feb 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 65 additions & 0 deletions .github/workflows/__analyze-ref-input.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__debug-artifacts.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__extractor-ram-threads.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__go-custom-queries.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__go-custom-tracing-autobuild.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__go-custom-tracing.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__javascript-source-root.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__multi-language-autodetect.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__packaging-config-inputs-js.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__packaging-config-js.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__packaging-inputs-js.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion .github/workflows/__remote-config.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__rubocop-multi-language.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__split-workflow.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__test-local-codeql.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__test-proxy.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__test-ruby.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions .github/workflows/__unset-environment.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

72 changes: 72 additions & 0 deletions .github/workflows/__upload-ref-sha-input.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 4 additions & 1 deletion CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,13 @@

## [UNRELEASED]

No user facing changes.
- Add sarif-id as an output for upload-sarif action and analyze action (if uploading)
- Accept ref and hash as inputs to override the ones provided by the runner

## 1.0.31 - 31 Jan 2022

- Add `sarif-id` as an output for the `upload-sarif` and `analyze` actions. [#889](https://github.com/github/codeql-action/pull/889)
- Add `ref` and `sha` inputs to the `analyze` action, which override the defaults provided by the GitHub Action context. [#889](https://github.com/github/codeql-action/pull/889)
- Remove `experimental` message when using custom CodeQL packages. [#888](https://github.com/github/codeql-action/pull/888)
- Add a better warning message stating that experimental features will be disabled if the workflow has been triggered by a pull request from a fork or the `security-events: write` permission is not present. [#882](https://github.com/github/codeql-action/pull/882)

Expand Down
8 changes: 8 additions & 0 deletions analyze/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,12 @@ inputs:
description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
required: false
default: ${{ github.workspace }}
ref:
description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks."
required: false
sha:
description: "The sha of the HEAD of the ref where results will be uploaded. If not provided, the Action will use the GITHUB_SHA environment variable. If provided, the ref input must be provided as well. This input is not available in pull requests from forks."
required: false
category:
description: String used by Code Scanning for matching the analyses
required: false
Expand All @@ -63,6 +69,8 @@ inputs:
outputs:
db-locations:
description: A map from language to absolute path for each database created by CodeQL.
sarif-id:
description: The ID of the uploaded SARIF file.
runs:
using: "node12"
main: "../lib/analyze-action.js"
27 changes: 20 additions & 7 deletions lib/actions-util.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading