Allow the same category once for each type of upload

2025-12-24 08:10:06 +08:00 · 2025-06-17 14:52:18 +01:00
parent 45b3bec064
commit f1834221f2
3 changed files with 15 additions and 7 deletions
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -421,11 +421,13 @@ exports.CodeScanningTarget = {
    name: "code scanning",
    target: SARIF_UPLOAD_TARGET.CODE_SCANNING_UPLOAD_TARGET,
    sarifFilter: defaultIsSarif,
+    sentinelPrefix: "CODEQL_UPLOAD_SARIF_",
 };
 exports.CodeQualityTarget = {
    name: "code quality",
    target: SARIF_UPLOAD_TARGET.CODE_QUALITY_UPLOAD_TARGET,
    sarifFilter: qualityIsSarif,
+    sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_",
 };
 /**
 * Uploads a single SARIF file or a directory of SARIF files depending on what `inputSarifPath` refers
@@ -457,7 +459,7 @@ async function uploadFiles(inputSarifPath, checkoutPath, category, features, log
    sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
    const toolNames = util.getToolNames(sarif);
    logger.debug(`Validating that each SARIF run has a unique category`);
-    validateUniqueCategory(sarif);
+    validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
    logger.debug(`Serializing SARIF for upload`);
    const sarifPayload = JSON.stringify(sarif);
    logger.debug(`Compressing serialized SARIF`);
@@ -606,7 +608,7 @@ function handleProcessingResultForUnsuccessfulExecution(response, status, logger
        util.assertNever(status);
    }
 }
-function validateUniqueCategory(sarif) {
+function validateUniqueCategory(sarif, sentinelPrefix = exports.CodeScanningTarget.sentinelPrefix) {
    // duplicate categories are allowed in the same sarif file
    // but not across multiple sarif files
    const categories = {};
@@ -617,7 +619,7 @@ function validateUniqueCategory(sarif) {
        categories[category] = { id, tool };
    }
    for (const [category, { id, tool }] of Object.entries(categories)) {
-        const sentinelEnvVar = `CODEQL_UPLOAD_SARIF_${category}`;
+        const sentinelEnvVar = `${sentinelPrefix}${category}`;
        if (process.env[sentinelEnvVar]) {
            // This is always a configuration error, even for first-party runs.
            throw new util_1.ConfigurationError("Aborting upload: only one run of the codeql/analyze or codeql/upload-sarif actions is allowed per job per tool/category. " +