diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 887d7e3bf..d422ad609 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -95932,6 +95932,19 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, ); return { sarif, analysisKey, environment }; } +async function writeProcessedFiles(logger, pathInput, uploadTarget, processingResults) { + const outputPath = pathInput || process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; + if (outputPath !== void 0) { + dumpSarifFile( + JSON.stringify(processingResults.sarif), + outputPath, + logger, + uploadTarget + ); + } else { + logger.debug(`Not writing processed SARIF files.`); + } +} async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) { const sarifPaths = getSarifFilePaths( inputSarifPath, @@ -95970,10 +95983,6 @@ async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processi validateUniqueCategory(sarif, uploadTarget.sentinelPrefix); logger.debug(`Serializing SARIF for upload`); const sarifPayload = JSON.stringify(sarif); - const dumpDir = process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; - if (dumpDir) { - dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget); - } logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; @@ -96017,14 +96026,14 @@ function dumpSarifFile(sarifPayload, outputDir, logger, uploadTarget) { fs18.mkdirSync(outputDir, { recursive: true }); } else if (!fs18.lstatSync(outputDir).isDirectory()) { throw new ConfigurationError( - `The path specified by the ${"CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */} environment variable exists and is not a directory: ${outputDir}` + `The path that processed SARIF files should be written to exists, but is not a directory: ${outputDir}` ); } const outputFile = path18.resolve( outputDir, `upload${uploadTarget.sarifExtension}` ); - logger.info(`Dumping processed SARIF file to ${outputFile}`); + logger.info(`Writing processed SARIF file to ${outputFile}`); fs18.writeFileSync(outputFile, sarifPayload); } var STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1e3; @@ -96180,7 +96189,7 @@ function filterAlertsByDiffRange(logger, sarif) { } // src/upload-sarif.ts -async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath, category) { +async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath, category, processedOutputPath) { const sarifGroups = await getGroupedSarifFilePaths( logger, sarifPath @@ -96198,6 +96207,12 @@ async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath category, analysisConfig ); + await writeProcessedFiles( + logger, + processedOutputPath, + analysisConfig, + processingResults + ); if (uploadKind === "always") { uploadResults[analysisKind] = await uploadProcessedFiles( logger, @@ -96417,7 +96432,8 @@ async function run() { uploadKind, checkoutPath, outputDir, - category + category, + getOptionalInput("post-process-output") ); } else { uploadResults = {}; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 8992fedfe..4cf9954e9 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133381,10 +133381,6 @@ async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processi validateUniqueCategory(sarif, uploadTarget.sentinelPrefix); logger.debug(`Serializing SARIF for upload`); const sarifPayload = JSON.stringify(sarif); - const dumpDir = process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; - if (dumpDir) { - dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget); - } logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; @@ -133423,21 +133419,6 @@ async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processi sarifID }; } -function dumpSarifFile(sarifPayload, outputDir, logger, uploadTarget) { - if (!fs17.existsSync(outputDir)) { - fs17.mkdirSync(outputDir, { recursive: true }); - } else if (!fs17.lstatSync(outputDir).isDirectory()) { - throw new ConfigurationError( - `The path specified by the ${"CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */} environment variable exists and is not a directory: ${outputDir}` - ); - } - const outputFile = path17.resolve( - outputDir, - `upload${uploadTarget.sarifExtension}` - ); - logger.info(`Dumping processed SARIF file to ${outputFile}`); - fs17.writeFileSync(outputFile, sarifPayload); -} var STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1e3; var STATUS_CHECK_TIMEOUT_MILLISECONDS = 2 * 60 * 1e3; async function waitForProcessing(repositoryNwo, sarifID, logger, options = { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 15ddf8da2..ee0ae0d53 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -84858,7 +84858,8 @@ __export(upload_lib_exports, { uploadProcessedFiles: () => uploadProcessedFiles, validateSarifFileSchema: () => validateSarifFileSchema, validateUniqueCategory: () => validateUniqueCategory, - waitForProcessing: () => waitForProcessing + waitForProcessing: () => waitForProcessing, + writeProcessedFiles: () => writeProcessedFiles }); module.exports = __toCommonJS(upload_lib_exports); var fs13 = __toESM(require("fs")); @@ -92747,6 +92748,19 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, ); return { sarif, analysisKey, environment }; } +async function writeProcessedFiles(logger, pathInput, uploadTarget, processingResults) { + const outputPath = pathInput || process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; + if (outputPath !== void 0) { + dumpSarifFile( + JSON.stringify(processingResults.sarif), + outputPath, + logger, + uploadTarget + ); + } else { + logger.debug(`Not writing processed SARIF files.`); + } +} async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) { const sarifPaths = getSarifFilePaths( inputSarifPath, @@ -92785,10 +92799,6 @@ async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processi validateUniqueCategory(sarif, uploadTarget.sentinelPrefix); logger.debug(`Serializing SARIF for upload`); const sarifPayload = JSON.stringify(sarif); - const dumpDir = process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; - if (dumpDir) { - dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget); - } logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; @@ -92832,14 +92842,14 @@ function dumpSarifFile(sarifPayload, outputDir, logger, uploadTarget) { fs13.mkdirSync(outputDir, { recursive: true }); } else if (!fs13.lstatSync(outputDir).isDirectory()) { throw new ConfigurationError( - `The path specified by the ${"CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */} environment variable exists and is not a directory: ${outputDir}` + `The path that processed SARIF files should be written to exists, but is not a directory: ${outputDir}` ); } const outputFile = path14.resolve( outputDir, `upload${uploadTarget.sarifExtension}` ); - logger.info(`Dumping processed SARIF file to ${outputFile}`); + logger.info(`Writing processed SARIF file to ${outputFile}`); fs13.writeFileSync(outputFile, sarifPayload); } var STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1e3; @@ -93012,7 +93022,8 @@ function filterAlertsByDiffRange(logger, sarif) { uploadProcessedFiles, validateSarifFileSchema, validateUniqueCategory, - waitForProcessing + waitForProcessing, + writeProcessedFiles }); /*! Bundled license information: diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 547ef8f10..f7923ea81 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -93402,6 +93402,19 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, ); return { sarif, analysisKey, environment }; } +async function writeProcessedFiles(logger, pathInput, uploadTarget, processingResults) { + const outputPath = pathInput || process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; + if (outputPath !== void 0) { + dumpSarifFile( + JSON.stringify(processingResults.sarif), + outputPath, + logger, + uploadTarget + ); + } else { + logger.debug(`Not writing processed SARIF files.`); + } +} async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processingResults) { logger.startGroup(`Uploading ${uploadTarget.name} results`); const sarif = processingResults.sarif; @@ -93410,10 +93423,6 @@ async function uploadProcessedFiles(logger, checkoutPath, uploadTarget, processi validateUniqueCategory(sarif, uploadTarget.sentinelPrefix); logger.debug(`Serializing SARIF for upload`); const sarifPayload = JSON.stringify(sarif); - const dumpDir = process.env["CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */]; - if (dumpDir) { - dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget); - } logger.debug(`Compressing serialized SARIF`); const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; @@ -93457,14 +93466,14 @@ function dumpSarifFile(sarifPayload, outputDir, logger, uploadTarget) { fs14.mkdirSync(outputDir, { recursive: true }); } else if (!fs14.lstatSync(outputDir).isDirectory()) { throw new ConfigurationError( - `The path specified by the ${"CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */} environment variable exists and is not a directory: ${outputDir}` + `The path that processed SARIF files should be written to exists, but is not a directory: ${outputDir}` ); } const outputFile = path15.resolve( outputDir, `upload${uploadTarget.sarifExtension}` ); - logger.info(`Dumping processed SARIF file to ${outputFile}`); + logger.info(`Writing processed SARIF file to ${outputFile}`); fs14.writeFileSync(outputFile, sarifPayload); } var STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1e3; @@ -93620,7 +93629,7 @@ function filterAlertsByDiffRange(logger, sarif) { } // src/upload-sarif.ts -async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath, category) { +async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath, category, processedOutputPath) { const sarifGroups = await getGroupedSarifFilePaths( logger, sarifPath @@ -93638,6 +93647,12 @@ async function uploadSarif(logger, features, uploadKind, checkoutPath, sarifPath category, analysisConfig ); + await writeProcessedFiles( + logger, + processedOutputPath, + analysisConfig, + processingResults + ); if (uploadKind === "always") { uploadResults[analysisKind] = await uploadProcessedFiles( logger, diff --git a/src/analyze-action.ts b/src/analyze-action.ts index 36517624d..fb510a727 100644 --- a/src/analyze-action.ts +++ b/src/analyze-action.ts @@ -359,6 +359,7 @@ async function run() { checkoutPath, outputDir, category, + actionsUtil.getOptionalInput("post-process-output"), ); } else { uploadResults = {}; diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 0dcadffe5..f69a05696 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -759,6 +759,36 @@ export async function postProcessSarifFiles( return { sarif, analysisKey, environment }; } +/** + * Writes the processed SARIF file to disk, if needed based on `pathInput` or the `SARIF_DUMP_DIR`. + * + * @param logger The logger to use. + * @param pathInput The input provided for `post-process-output`. + * @param uploadTarget The upload target. + * @param processingResults The results of post-processing SARIF files. + */ +export async function writeProcessedFiles( + logger: Logger, + pathInput: string | undefined, + uploadTarget: analyses.AnalysisConfig, + processingResults: PostProcessingResults, +) { + // If there's an explicit input, use that. Otherwise, use the value from the environment variable. + const outputPath = pathInput || process.env[EnvVar.SARIF_DUMP_DIR]; + + // If we have an output path, write the SARIF file to it. + if (outputPath !== undefined) { + dumpSarifFile( + JSON.stringify(processingResults.sarif), + outputPath, + logger, + uploadTarget, + ); + } else { + logger.debug(`Not writing processed SARIF files.`); + } +} + /** * Uploads a single SARIF file or a directory of SARIF files depending on what `inputSarifPath` refers * to. @@ -841,11 +871,6 @@ export async function uploadProcessedFiles( logger.debug(`Serializing SARIF for upload`); const sarifPayload = JSON.stringify(sarif); - const dumpDir = process.env[EnvVar.SARIF_DUMP_DIR]; - if (dumpDir) { - dumpSarifFile(sarifPayload, dumpDir, logger, uploadTarget); - } - logger.debug(`Compressing serialized SARIF`); const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64"); const checkoutURI = url.pathToFileURL(checkoutPath).href; @@ -905,14 +930,14 @@ function dumpSarifFile( fs.mkdirSync(outputDir, { recursive: true }); } else if (!fs.lstatSync(outputDir).isDirectory()) { throw new ConfigurationError( - `The path specified by the ${EnvVar.SARIF_DUMP_DIR} environment variable exists and is not a directory: ${outputDir}`, + `The path that processed SARIF files should be written to exists, but is not a directory: ${outputDir}`, ); } const outputFile = path.resolve( outputDir, `upload${uploadTarget.sarifExtension}`, ); - logger.info(`Dumping processed SARIF file to ${outputFile}`); + logger.info(`Writing processed SARIF file to ${outputFile}`); fs.writeFileSync(outputFile, sarifPayload); } diff --git a/src/upload-sarif.ts b/src/upload-sarif.ts index 7fc2d2cd3..87990089e 100644 --- a/src/upload-sarif.ts +++ b/src/upload-sarif.ts @@ -19,6 +19,7 @@ export type UploadSarifResults = Partial< * @param checkoutPath The path where the repository was checked out at. * @param sarifPath The path to the file or directory to upload. * @param category The analysis category. + * @param processedOutputPath The path to a directory to which the post-processed SARIF files should be written to. * * @returns A partial mapping from analysis kinds to the upload results. */ @@ -29,6 +30,7 @@ export async function uploadSarif( checkoutPath: string, sarifPath: string, category?: string, + processedOutputPath?: string, ): Promise { const sarifGroups = await upload_lib.getGroupedSarifFilePaths( logger, @@ -49,6 +51,15 @@ export async function uploadSarif( analysisConfig, ); + // Write the processed SARIF files to disk. This will only write them if needed based on user inputs + // or environment variables. + await upload_lib.writeProcessedFiles( + logger, + processedOutputPath, + analysisConfig, + processingResults, + ); + // Only perform the actual upload of the processed files, if `uploadKind` is `always`. if (uploadKind === "always") { uploadResults[analysisKind] = await upload_lib.uploadProcessedFiles(