Split SARIF post-processing steps from uploadSpecifiedFiles into a function

lib/analyze-action.js

@@ -95898,26 +95898,11 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
   }
   return payloadObj;
 }
-async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
-  const sarifPaths = getSarifFilePaths(
-    inputSarifPath,
-    uploadTarget.sarifPredicate
-  );
-  return uploadSpecifiedFiles(
-    sarifPaths,
-    checkoutPath,
-    category,
-    features,
-    logger,
-    uploadTarget
-  );
-}
-async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
-  logger.startGroup(`Uploading ${uploadTarget.name} results`);
   logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
   const gitHubVersion = await getGitHubVersion();
   let sarif;
-  category = uploadTarget.fixCategory(logger, category);
+  category = analysis.fixCategory(logger, category);
   if (sarifPaths.length > 1) {
     for (const sarifPath of sarifPaths) {
       const parsedSarif = readSarifFile(sarifPath);
@@ -95945,6 +95930,33 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
     analysisKey,
     environment
   );
+  return { sarif, analysisKey, environment };
+}
+async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+  const sarifPaths = getSarifFilePaths(
+    inputSarifPath,
+    uploadTarget.sarifPredicate
+  );
+  return uploadSpecifiedFiles(
+    sarifPaths,
+    checkoutPath,
+    category,
+    features,
+    logger,
+    uploadTarget
+  );
+}
+async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
+  logger.startGroup(`Uploading ${uploadTarget.name} results`);
+  const processingResults = await postProcessSarifFiles(
+    logger,
+    features,
+    checkoutPath,
+    sarifPaths,
+    category,
+    uploadTarget
+  );
+  const sarif = processingResults.sarif;
   const toolNames = getToolNames(sarif);
   logger.debug(`Validating that each SARIF run has a unique category`);
   validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
@@ -95960,13 +95972,13 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
   const payload = buildPayload(
     await getCommitOid(checkoutPath),
     await getRef(),
-    analysisKey,
+    processingResults.analysisKey,
     getRequiredEnvParam("GITHUB_WORKFLOW"),
     zippedSarif,
     getWorkflowRunID(),
     getWorkflowRunAttempt(),
     checkoutURI,
-    environment,
+    processingResults.environment,
     toolNames,
     await determineBaseBranchHeadCommitOid()
   );

lib/init-action-post.js

@@ -133309,26 +133309,11 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
   }
   return payloadObj;
 }
-async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
-  const sarifPaths = getSarifFilePaths(
-    inputSarifPath,
-    uploadTarget.sarifPredicate
-  );
-  return uploadSpecifiedFiles(
-    sarifPaths,
-    checkoutPath,
-    category,
-    features,
-    logger,
-    uploadTarget
-  );
-}
-async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
-  logger.startGroup(`Uploading ${uploadTarget.name} results`);
   logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
   const gitHubVersion = await getGitHubVersion();
   let sarif;
-  category = uploadTarget.fixCategory(logger, category);
+  category = analysis.fixCategory(logger, category);
   if (sarifPaths.length > 1) {
     for (const sarifPath of sarifPaths) {
       const parsedSarif = readSarifFile(sarifPath);
@@ -133356,6 +133341,33 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
     analysisKey,
     environment
   );
+  return { sarif, analysisKey, environment };
+}
+async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+  const sarifPaths = getSarifFilePaths(
+    inputSarifPath,
+    uploadTarget.sarifPredicate
+  );
+  return uploadSpecifiedFiles(
+    sarifPaths,
+    checkoutPath,
+    category,
+    features,
+    logger,
+    uploadTarget
+  );
+}
+async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
+  logger.startGroup(`Uploading ${uploadTarget.name} results`);
+  const processingResults = await postProcessSarifFiles(
+    logger,
+    features,
+    checkoutPath,
+    sarifPaths,
+    category,
+    uploadTarget
+  );
+  const sarif = processingResults.sarif;
   const toolNames = getToolNames(sarif);
   logger.debug(`Validating that each SARIF run has a unique category`);
   validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
@@ -133371,13 +133383,13 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
   const payload = buildPayload(
     await getCommitOid(checkoutPath),
     await getRef(),
-    analysisKey,
+    processingResults.analysisKey,
     getRequiredEnvParam("GITHUB_WORKFLOW"),
     zippedSarif,
     getWorkflowRunID(),
     getWorkflowRunAttempt(),
     checkoutURI,
-    environment,
+    processingResults.environment,
     toolNames,
     await determineBaseBranchHeadCommitOid()
   );

lib/upload-lib.js

@@ -84847,6 +84847,7 @@ __export(upload_lib_exports, {
   getGroupedSarifFilePaths: () => getGroupedSarifFilePaths,
   getSarifFilePaths: () => getSarifFilePaths,
   populateRunAutomationDetails: () => populateRunAutomationDetails,
+  postProcessSarifFiles: () => postProcessSarifFiles,
   readSarifFile: () => readSarifFile,
   shouldConsiderConfigurationError: () => shouldConsiderConfigurationError,
   shouldConsiderInvalidRequest: () => shouldConsiderInvalidRequest,
@@ -92712,26 +92713,11 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
   }
   return payloadObj;
 }
-async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
-  const sarifPaths = getSarifFilePaths(
-    inputSarifPath,
-    uploadTarget.sarifPredicate
-  );
-  return uploadSpecifiedFiles(
-    sarifPaths,
-    checkoutPath,
-    category,
-    features,
-    logger,
-    uploadTarget
-  );
-}
-async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
-  logger.startGroup(`Uploading ${uploadTarget.name} results`);
   logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
   const gitHubVersion = await getGitHubVersion();
   let sarif;
-  category = uploadTarget.fixCategory(logger, category);
+  category = analysis.fixCategory(logger, category);
   if (sarifPaths.length > 1) {
     for (const sarifPath of sarifPaths) {
       const parsedSarif = readSarifFile(sarifPath);
@@ -92759,6 +92745,33 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
     analysisKey,
     environment
   );
+  return { sarif, analysisKey, environment };
+}
+async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
+  const sarifPaths = getSarifFilePaths(
+    inputSarifPath,
+    uploadTarget.sarifPredicate
+  );
+  return uploadSpecifiedFiles(
+    sarifPaths,
+    checkoutPath,
+    category,
+    features,
+    logger,
+    uploadTarget
+  );
+}
+async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
+  logger.startGroup(`Uploading ${uploadTarget.name} results`);
+  const processingResults = await postProcessSarifFiles(
+    logger,
+    features,
+    checkoutPath,
+    sarifPaths,
+    category,
+    uploadTarget
+  );
+  const sarif = processingResults.sarif;
   const toolNames = getToolNames(sarif);
   logger.debug(`Validating that each SARIF run has a unique category`);
   validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
@@ -92774,13 +92787,13 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
   const payload = buildPayload(
     await getCommitOid(checkoutPath),
     await getRef(),
-    analysisKey,
+    processingResults.analysisKey,
     getRequiredEnvParam("GITHUB_WORKFLOW"),
     zippedSarif,
     getWorkflowRunID(),
     getWorkflowRunAttempt(),
     checkoutURI,
-    environment,
+    processingResults.environment,
     toolNames,
     await determineBaseBranchHeadCommitOid()
   );
@@ -92980,6 +92993,7 @@ function filterAlertsByDiffRange(logger, sarif) {
   getGroupedSarifFilePaths,
   getSarifFilePaths,
   populateRunAutomationDetails,
+  postProcessSarifFiles,
   readSarifFile,
   shouldConsiderConfigurationError,
   shouldConsiderInvalidRequest,

lib/upload-sarif-action.js

@@ -93368,12 +93368,11 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
   }
   return payloadObj;
 }
-async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
+async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
-  logger.startGroup(`Uploading ${uploadTarget.name} results`);
   logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
   const gitHubVersion = await getGitHubVersion();
   let sarif;
-  category = uploadTarget.fixCategory(logger, category);
+  category = analysis.fixCategory(logger, category);
   if (sarifPaths.length > 1) {
     for (const sarifPath of sarifPaths) {
       const parsedSarif = readSarifFile(sarifPath);
@@ -93401,6 +93400,19 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
     analysisKey,
     environment
   );
+  return { sarif, analysisKey, environment };
+}
+async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features, logger, uploadTarget) {
+  logger.startGroup(`Uploading ${uploadTarget.name} results`);
+  const processingResults = await postProcessSarifFiles(
+    logger,
+    features,
+    checkoutPath,
+    sarifPaths,
+    category,
+    uploadTarget
+  );
+  const sarif = processingResults.sarif;
   const toolNames = getToolNames(sarif);
   logger.debug(`Validating that each SARIF run has a unique category`);
   validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
@@ -93416,13 +93428,13 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
   const payload = buildPayload(
     await getCommitOid(checkoutPath),
     await getRef(),
-    analysisKey,
+    processingResults.analysisKey,
     getRequiredEnvParam("GITHUB_WORKFLOW"),
     zippedSarif,
     getWorkflowRunID(),
     getWorkflowRunAttempt(),
     checkoutURI,
-    environment,
+    processingResults.environment,
     toolNames,
     await determineBaseBranchHeadCommitOid()
   );

src/upload-lib.ts

@@ -688,6 +688,77 @@ export function buildPayload(
   return payloadObj;
 }
 
+export interface PostProcessingResults {
+  sarif: util.SarifFile;
+  analysisKey: string;
+  environment: string;
+}
+
+/**
+ * Performs post-processing of the SARIF files given by `sarifPaths`.
+ *
+ * @param logger The logger to use.
+ * @param features Information about enabled features.
+ * @param checkoutPath The path where the repo was checked out at.
+ * @param sarifPaths The paths of the SARIF files to post-process.
+ * @param category The analysis category.
+ * @param analysis The analysis configuration.
+ *
+ * @returns Returns the results of post-processing the SARIF files,
+ *          including the resulting SARIF file.
+ */
+export async function postProcessSarifFiles(
+  logger: Logger,
+  features: FeatureEnablement,
+  checkoutPath: string,
+  sarifPaths: string[],
+  category: string | undefined,
+  analysis: analyses.AnalysisConfig,
+): Promise<PostProcessingResults> {
+  logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
+
+  const gitHubVersion = await getGitHubVersion();
+
+  let sarif: SarifFile;
+  category = analysis.fixCategory(logger, category);
+
+  if (sarifPaths.length > 1) {
+    // Validate that the files we were asked to upload are all valid SARIF files
+    for (const sarifPath of sarifPaths) {
+      const parsedSarif = readSarifFile(sarifPath);
+      validateSarifFileSchema(parsedSarif, sarifPath, logger);
+    }
+
+    sarif = await combineSarifFilesUsingCLI(
+      sarifPaths,
+      gitHubVersion,
+      features,
+      logger,
+    );
+  } else {
+    const sarifPath = sarifPaths[0];
+    sarif = readSarifFile(sarifPath);
+    validateSarifFileSchema(sarif, sarifPath, logger);
+
+    // Validate that there are no runs for the same category
+    await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
+  }
+
+  sarif = filterAlertsByDiffRange(logger, sarif);
+  sarif = await fingerprints.addFingerprints(sarif, checkoutPath, logger);
+
+  const analysisKey = await api.getAnalysisKey();
+  const environment = actionsUtil.getRequiredInput("matrix");
+  sarif = populateRunAutomationDetails(
+    sarif,
+    category,
+    analysisKey,
+    environment,
+  );
+
+  return { sarif, analysisKey, environment };
+}
+
 /**
  * Uploads a single SARIF file or a directory of SARIF files depending on what `inputSarifPath` refers
  * to.
@@ -727,46 +798,16 @@ export async function uploadSpecifiedFiles(
   uploadTarget: analyses.AnalysisConfig,
 ): Promise<UploadResult> {
   logger.startGroup(`Uploading ${uploadTarget.name} results`);
-  logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
 
-  const gitHubVersion = await getGitHubVersion();
+  const processingResults: PostProcessingResults = await postProcessSarifFiles(
-
+    logger,
-  let sarif: SarifFile;
+    features,
-  category = uploadTarget.fixCategory(logger, category);
+    checkoutPath,
-
+    sarifPaths,
-  if (sarifPaths.length > 1) {
-    // Validate that the files we were asked to upload are all valid SARIF files
-    for (const sarifPath of sarifPaths) {
-      const parsedSarif = readSarifFile(sarifPath);
-      validateSarifFileSchema(parsedSarif, sarifPath, logger);
-    }
-
-    sarif = await combineSarifFilesUsingCLI(
-      sarifPaths,
-      gitHubVersion,
-      features,
-      logger,
-    );
-  } else {
-    const sarifPath = sarifPaths[0];
-    sarif = readSarifFile(sarifPath);
-    validateSarifFileSchema(sarif, sarifPath, logger);
-
-    // Validate that there are no runs for the same category
-    await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
-  }
-
-  sarif = filterAlertsByDiffRange(logger, sarif);
-  sarif = await fingerprints.addFingerprints(sarif, checkoutPath, logger);
-
-  const analysisKey = await api.getAnalysisKey();
-  const environment = actionsUtil.getRequiredInput("matrix");
-  sarif = populateRunAutomationDetails(
-    sarif,
     category,
-    analysisKey,
+    uploadTarget,
-    environment,
   );
+  const sarif = processingResults.sarif;
 
   const toolNames = util.getToolNames(sarif);
 
@@ -787,13 +828,13 @@ export async function uploadSpecifiedFiles(
   const payload = buildPayload(
     await gitUtils.getCommitOid(checkoutPath),
     await gitUtils.getRef(),
-    analysisKey,
+    processingResults.analysisKey,
     util.getRequiredEnvParam("GITHUB_WORKFLOW"),
     zippedSarif,
     actionsUtil.getWorkflowRunID(),
     actionsUtil.getWorkflowRunAttempt(),
     checkoutURI,
-    environment,
+    processingResults.environment,
     toolNames,
     await gitUtils.determineBaseBranchHeadCommitOid(),
   );