diff --git a/.github/workflows/__upload-quality-sarif.yml b/.github/workflows/__upload-quality-sarif.yml deleted file mode 100644 index 9e1dceafc5..0000000000 --- a/.github/workflows/__upload-quality-sarif.yml +++ /dev/null @@ -1,95 +0,0 @@ -# Warning: This file is generated automatically, and should not be modified. -# Instead, please modify the template in the pr-checks directory and run: -# pr-checks/sync.sh -# to regenerate this file. - -name: 'PR Check - Upload-sarif: code quality endpoint' -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GO111MODULE: auto -on: - push: - branches: - - main - - releases/v* - pull_request: - types: - - opened - - synchronize - - reopened - - ready_for_review - schedule: - - cron: '0 5 * * *' - workflow_dispatch: - inputs: - go-version: - type: string - description: The version of Go to install - required: false - default: '>=1.21.0' - workflow_call: - inputs: - go-version: - type: string - description: The version of Go to install - required: false - default: '>=1.21.0' -defaults: - run: - shell: bash -concurrency: - cancel-in-progress: ${{ github.event_name == 'pull_request' }} - group: ${{ github.workflow }}-${{ github.ref }} -jobs: - upload-quality-sarif: - strategy: - fail-fast: false - matrix: - include: - - os: ubuntu-latest - version: default - name: 'Upload-sarif: code quality endpoint' - if: github.triggering_actor != 'dependabot[bot]' - permissions: - contents: read - security-events: read - timeout-minutes: 45 - runs-on: ${{ matrix.os }} - steps: - - name: Check out repository - uses: actions/checkout@v5 - - name: Prepare test - id: prepare-test - uses: ./.github/actions/prepare-test - with: - version: ${{ matrix.version }} - use-all-platform-bundle: 'false' - setup-kotlin: 'true' - - name: Install Go - uses: actions/setup-go@v6 - with: - go-version: ${{ inputs.go-version || '>=1.21.0' }} - cache: false - - uses: ./../action/init - with: - tools: ${{ steps.prepare-test.outputs.tools-url }} - languages: csharp,java,javascript,python - analysis-kinds: code-quality - - name: Build code - run: ./build.sh - # Generate some SARIF we can upload with the upload-sarif step - - uses: ./../action/analyze - with: - ref: refs/heads/main - sha: 5e235361806c361d4d3f8859e3c897658025a9a2 - upload: never - - uses: ./../action/upload-sarif - id: upload-sarif - with: - ref: refs/heads/main - sha: 5e235361806c361d4d3f8859e3c897658025a9a2 - - name: Check output from `upload-sarif` step - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' - run: exit 1 - env: - CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml new file mode 100644 index 0000000000..91a1af5e05 --- /dev/null +++ b/.github/workflows/__upload-sarif.yml @@ -0,0 +1,158 @@ +# Warning: This file is generated automatically, and should not be modified. +# Instead, please modify the template in the pr-checks directory and run: +# pr-checks/sync.sh +# to regenerate this file. + +name: PR Check - Test different uses of `upload-sarif` +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GO111MODULE: auto +on: + push: + branches: + - main + - releases/v* + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + schedule: + - cron: '0 5 * * *' + workflow_dispatch: + inputs: + go-version: + type: string + description: The version of Go to install + required: false + default: '>=1.21.0' + workflow_call: + inputs: + go-version: + type: string + description: The version of Go to install + required: false + default: '>=1.21.0' +defaults: + run: + shell: bash +concurrency: + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + group: ${{ github.workflow }}-${{ github.ref }} +jobs: + upload-sarif: + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-latest + version: default + analysis-kinds: code-scanning + - os: ubuntu-latest + version: default + analysis-kinds: code-quality + - os: ubuntu-latest + version: default + analysis-kinds: code-scanning,code-quality + name: Test different uses of `upload-sarif` + if: github.triggering_actor != 'dependabot[bot]' + permissions: + contents: read + security-events: read + timeout-minutes: 45 + runs-on: ${{ matrix.os }} + steps: + - name: Check out repository + uses: actions/checkout@v5 + - name: Prepare test + id: prepare-test + uses: ./.github/actions/prepare-test + with: + version: ${{ matrix.version }} + use-all-platform-bundle: 'false' + setup-kotlin: 'true' + - name: Install Go + uses: actions/setup-go@v6 + with: + go-version: ${{ inputs.go-version || '>=1.21.0' }} + cache: false + - uses: ./../action/init + with: + tools: ${{ steps.prepare-test.outputs.tools-url }} + languages: csharp,java,javascript,python + analysis-kinds: ${{ matrix.analysis-kinds }} + - name: Build code + run: ./build.sh + # Generate some SARIF we can upload with the upload-sarif step + - uses: ./../action/analyze + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + upload: never + output: ${{ runner.temp }}/results + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif + id: upload-sarif + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ + - name: Fail for missing output from `upload-sarif` step for `code-scanning` + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Fail for missing output from `upload-sarif` step for `code-quality` + if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality) + run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ + - name: Fail for missing output from `upload-single-sarif-code-scanning` step + if: contains(matrix.analysis-kinds, 'code-scanning') && + !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Upload single SARIF file for Code Quality + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: contains(matrix.analysis-kinds, 'code-quality') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ + - name: Fail for missing output from `upload-single-sarif-code-quality` step + if: contains(matrix.analysis-kinds, 'code-quality') && + !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality) + run: exit 1 + + - name: Change SARIF file extension + if: contains(matrix.analysis-kinds, 'code-scanning') + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ + - name: Fail for missing output from `upload-single-non-sarif` step + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 + env: + CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index e12c9846a3..e706b5d391 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -103,29 +103,30 @@ jobs: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi env: diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 8c3899fda5..0dcda77a7b 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -95530,12 +95530,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path18.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -95546,7 +95546,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -95780,7 +95780,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 4a41c7d82f..ef2b784c60 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133006,12 +133006,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path17.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -133022,7 +133022,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -133256,7 +133256,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 110fc6bc63..387f090d41 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -92365,12 +92365,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path14.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -92381,7 +92381,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -92663,7 +92663,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index b69c5914d7..52e397000a 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -93037,12 +93037,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path15.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -93053,7 +93053,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -93304,7 +93304,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/pr-checks/checks/upload-quality-sarif.yml b/pr-checks/checks/upload-quality-sarif.yml deleted file mode 100644 index 1d4dd9d28d..0000000000 --- a/pr-checks/checks/upload-quality-sarif.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: "Upload-sarif: code quality endpoint" -description: "Checks that uploading SARIFs to the code quality endpoint works" -versions: ["default"] -installGo: true -steps: - - uses: ./../action/init - with: - tools: ${{ steps.prepare-test.outputs.tools-url }} - languages: csharp,java,javascript,python - analysis-kinds: code-quality - - name: Build code - run: ./build.sh - # Generate some SARIF we can upload with the upload-sarif step - - uses: ./../action/analyze - with: - ref: 'refs/heads/main' - sha: '5e235361806c361d4d3f8859e3c897658025a9a2' - upload: never - - uses: ./../action/upload-sarif - id: upload-sarif - with: - ref: 'refs/heads/main' - sha: '5e235361806c361d4d3f8859e3c897658025a9a2' - - name: "Check output from `upload-sarif` step" - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' - run: exit 1 diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml new file mode 100644 index 0000000000..1801a27407 --- /dev/null +++ b/pr-checks/checks/upload-sarif.yml @@ -0,0 +1,81 @@ +name: "Test different uses of `upload-sarif`" +description: "Checks that uploading SARIFs to the code quality endpoint works" +versions: ["default"] +analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality"] +installGo: true +steps: + - uses: ./../action/init + with: + tools: ${{ steps.prepare-test.outputs.tools-url }} + languages: csharp,java,javascript,python + analysis-kinds: ${{ matrix.analysis-kinds }} + - name: Build code + run: ./build.sh + # Generate some SARIF we can upload with the upload-sarif step + - uses: ./../action/analyze + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + upload: never + output: ${{ runner.temp }}/results + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif + id: upload-sarif + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ + - name: "Fail for missing output from `upload-sarif` step for `code-scanning`" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: "Fail for missing output from `upload-sarif` step for `code-quality`" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)" + run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ + - name: "Fail for missing output from `upload-single-sarif-code-scanning` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: Upload single SARIF file for Code Quality + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: "contains(matrix.analysis-kinds, 'code-quality')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ + - name: "Fail for missing output from `upload-single-sarif-code-quality` step" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)" + run: exit 1 + + - name: Change SARIF file extension + if: "contains(matrix.analysis-kinds, 'code-scanning')" + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ + - name: "Fail for missing output from `upload-single-non-sarif` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 diff --git a/pr-checks/checks/with-checkout-path.yml b/pr-checks/checks/with-checkout-path.yml index 641dcf2205..d0662be010 100644 --- a/pr-checks/checks/with-checkout-path.yml +++ b/pr-checks/checks/with-checkout-path.yml @@ -37,28 +37,29 @@ steps: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi diff --git a/src/upload-lib.ts b/src/upload-lib.ts index cfa362b678..2559cd7ad1 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -352,7 +352,7 @@ async function uploadPayload( payload: any, repositoryNwo: RepositoryNwo, logger: Logger, - target: analyses.SARIF_UPLOAD_ENDPOINT, + analysis: analyses.AnalysisConfig, ): Promise { logger.info("Uploading results"); @@ -360,7 +360,7 @@ async function uploadPayload( if (util.isInTestMode()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), - "payload.json", + `payload-${analysis.kind}.json`, ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`, @@ -373,7 +373,7 @@ async function uploadPayload( const client = api.getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload, @@ -807,7 +807,7 @@ export async function uploadSpecifiedFiles( payload, getRepositoryNwo(), logger, - uploadTarget.target, + uploadTarget, ); logger.endGroup();