Update upload input values and logic (#1598)

- The `upload` input to the `analyze` Action now accepts the following values: - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs. - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience. - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging. - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively. --------- Co-authored-by: Henry Mercer <henry.mercer@me.com>
2026-01-04 05:30:16 +08:00 · 2023-03-23 10:23:25 -07:00
parent 0214d1d378
commit a21bb7f968
25 changed files with 206 additions and 89 deletions
--- a/.github/query-filter-test/action.yml
+++ b/.github/query-filter-test/action.yml
@@ -40,7 +40,7 @@ runs:
      with:
        output: ${{ runner.temp }}/results
        upload-database: false
-        upload: false
+        upload: never
      env:
        CODEQL_ACTION_TEST_MODE: "true"
    - name: Check SARIF
--- a/.github/workflows/__javascript-source-root.yml
+++ b/.github/workflows/__javascript-source-root.yml
@@ -56,7 +56,7 @@ jobs:
      with:
        upload-database: false
        skip-queries: true
-        upload: false
+        upload: never
    - name: Assert database exists
      shell: bash
      run: |
--- a/.github/workflows/__upload-ref-sha-input.yml
+++ b/.github/workflows/__upload-ref-sha-input.yml
@@ -91,7 +91,7 @@ jobs:
        upload-database: false
        ref: refs/heads/main
        sha: 5e235361806c361d4d3f8859e3c897658025a9a2
-        upload: false
+        upload: never
    - uses: ./../action/upload-sarif
      with:
        ref: refs/heads/main
--- a/.github/workflows/__with-checkout-path.yml
+++ b/.github/workflows/__with-checkout-path.yml
@@ -103,7 +103,7 @@ jobs:
        checkout_path: x/y/z/some-path/tests/multi-language-repo
        ref: v1.1.0
        sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
-        upload: false
+        upload: never
        upload-database: false

    - uses: ./../action/upload-sarif
--- a/.github/workflows/expected-queries-runs.yml
+++ b/.github/workflows/expected-queries-runs.yml
@@ -36,7 +36,7 @@ jobs:
      with:
        output: ${{ runner.temp }}/results
        upload-database: false
-        upload: false
+        upload: never

    - name: Check Sarif
      uses: ./../action/.github/check-sarif