Add new packs input to init action

This input allows users to specify which packs to run. It works in unison with the packs block of the config file and it is similar to how `queries` works. They both use `+` in the same way. Note that the `#TODO` in the pr check is still around, but the CLI is available. I will remove the TODO in the next commit.
2026-01-04 21:50:17 +08:00 · 2021-06-23 15:41:52 -07:00
parent 7729b51956
commit 6e577cfca3
18 changed files with 535 additions and 59 deletions
--- a/.github/workflows/pr-checks.yml
+++ b/.github/workflows/pr-checks.yml
@@ -101,7 +101,7 @@ jobs:
        fi

  # Packaging test that runs against a javascript database
-  test-packaging-javascript:
+  test-packaging-javascript-config:
    needs: [check-js, check-node-modules]
    runs-on: ubuntu-latest

@@ -143,6 +143,50 @@ jobs:
          exit 1
        fi

+  # tests that we can run packages through actions inputs
+  test-packaging-javascript-inputs:
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+        mv ../action/.github/workflows .github
+    - uses: ./../action/init
+      with:
+        config-file: ".github/codeql/codeql-config-packaging2.yml"
+        languages: javascript
+        packs: dsp-testing/codeql-pack1@0.0.4, dsp-testing/codeql-pack2
+        # TODO: this can be removed when cli v2.5.6 is released and available in the tool cache
+        tools: https://github.com/dsp-testing/aeisenberg-codeql-action-packaging/releases/download/codeql-bundle-20210615/codeql-bundle-linux64.tar.gz
+
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: "${{ runner.temp }}/results"
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+
  # Identify the CodeQL tool versions to integration test against.
  check-codeql-versions:
    needs: [check-js, check-node-modules]