github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,020 Commits 297 Branches 500 Tags
v2.1.25
Commit Graph

60 Commits

Author SHA1 Message Date
Andrew Eisenberg
aa434aaed6 Only run the init-with-registries check on nightly 2022-09-07 15:15:55 -07:00
Andrew Eisenberg
376fea671d Clarify description of registries input 2022-09-06 14:06:30 -07:00
Andrew Eisenberg
7e086b240c Merge remote-tracking branch 'upstream/main' into aeisenberg/ghes-pack-download 2022-09-06 10:22:00 -07:00
Andrew Eisenberg
abdf26c28f Convert from json to yaml for registries input 2022-09-02 15:03:51 -07:00
Andrew Eisenberg
b0443622cd Merge branch 'main' into aeisenberg/ghes-pack-download 2022-09-02 11:32:07 -07:00
Andrew Eisenberg
e9b47b1898 Change to using a single input 2022-09-01 16:07:26 -07:00
Henry Mercer
6699d47420 Work around test -v not being available in Mac Bash 2022-09-01 16:49:39 +01:00
Henry Mercer
1d311fe8e5 Add PR checks for reconciled tracing with autobuilder and build steps 2022-09-01 15:43:49 +01:00
Henry Mercer
e303e2c65b Update legacy workflow PR check 
We now trace in init when using reconciled tracing, so we no longer need
to set the `CODEQL_EXTRACTOR_GO_BUILD_TRACING` environment variable.
 2022-09-01 15:43:17 +01:00
Henry Mercer
5b4b44c9d6 Add PR check for reconciled tracing with legacy workflow 2022-08-31 13:19:16 +01:00
Andrew Eisenberg
1d92118146 Add integration test for using registries-auth-tokens 2022-08-30 15:56:08 -07:00
Henry Mercer
3069613ebd Prevent hangs in Go autobuild tests due to .NET keychain prompts 2022-08-24 10:35:13 +01:00
Henry Mercer
d5ad81bcd4 Fix Go custom tracing tests 
These were supplying CODEQL_EXTRACTOR_GO_BUILD_TRACING=true rather than
CODEQL_EXTRACTOR_GO_BUILD_TRACING=on,
therefore tracing wasn't being tested.
 2022-08-23 20:03:32 +01:00
Henry Mercer
96a8424f0c Don't bypass the toolcache in test mode 2022-08-16 16:18:12 +01:00
Andrew Eisenberg
0403fb7d8c Merge branch 'main' into aeisenberg/fix-config-files 2022-08-10 15:39:35 -07:00
Angela P Wen
81c5b2d993 New debug artifacts workflow with separate jobs 2022-08-01 11:09:29 +02:00
Andrew Eisenberg
907f1deb5b Merge branch 'main' into aeisenberg/fix-config-files 2022-07-28 16:43:03 -07:00
Aditya Sharad
58faf9d60c Actions: Disable the CLR tracer in C# autobuild test 
Ensure that this succeeds even if the legacy CLR tracer is not enabled.
The combination of the regular tracer and the SIP workaround within Actions
should be sufficient for this to pass.
 2022-07-25 15:02:42 -07:00
Cornelius Riemenschneider
ceec52c4bc Address review. 2022-07-21 17:03:57 +00:00
Cornelius Riemenschneider
a32664975f autobuild-action: Run autobuilders with $CODEQL_RUNNER set. 
Without this, the tracer will not be injected on MacOS, as we need the
runner to circumvent SIP.
Also add a test that tests the autobuild-action to exercise this code path.
 2022-07-21 15:51:54 +00:00
Andrew Eisenberg
6fabde2be8 Add packs and queries from input 
This commit adds the packs and queries from the actions input to the
config file used by the CodeQL CLI.

When the `+` is used, the actions input value is combined with the
config value and when it is not used, the input value overrides the
config value.

This commit also adds a bunch of integration tests for this feature.
In order to avoid adding too many new jobs, all of the tests are
run sequentially in a single job (matrixed across relevant operating
systems and OSes).
 2022-06-28 14:07:51 -07:00
Henry Mercer
533ce91971 Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows 2022-05-11 19:32:14 +01:00
Andrew Eisenberg
a73e506617 Fix syntax error in workflow 2022-04-29 17:33:21 -07:00
Andrew Eisenberg
922dc2b976 Use the --resolve-query-specs parameter of pack download 
This will allow the command to resolve packs with paths.

Also, use a more concise version of `tr`.
 2022-04-29 10:54:01 -07:00
Andrew Eisenberg
06b15c22b1 Allow pack specifiers to include paths 
Also, this cleans up our pack-related integration tests.
We are now testing with the most recent CLIs.
 2022-04-28 17:14:30 -07:00
Henry Mercer
ed0abc6cac Log the expected outcome of the tests for clarity 2022-04-28 19:21:56 +01:00
Henry Mercer
193cfa588d Update PR checks for Windows and CodeQL CLI 2.9.0+ 2022-04-28 19:18:15 +01:00
Henry Mercer
9daf1de73c Update references to release branches 
Prepare for renaming `v1` -> `releases/v1` and `v2` -> `releases/v2`.
 2022-04-14 17:48:46 +01:00
Chuan-kai Lin
6f174084dd Add autobuild workind-directory test 2022-04-08 15:18:11 -07:00
Henry Mercer
dc0338e493 Use latest major version of actions/upload-artifact 2022-03-31 10:11:33 +01:00
Henry Mercer
57096fe795 Add a PR check to validate that ML-powered queries are run correctly 2022-03-31 10:11:30 +01:00
Henry Mercer
ea751a9fae Update other Actions from v2 to v3 2022-03-30 19:46:09 +01:00
Henry Mercer
a2949f47b3 Update actions/checkout from v2 to v3 2022-03-30 19:46:09 +01:00
Henry Mercer
e769c2dd6e Run all PR checks on v2 branch 2022-03-30 15:59:09 +01:00
Andrew Eisenberg
88db5e75ec Merge branch 'main' into aeisenberg/checkout-path-commitoid 2022-03-25 10:31:47 -07:00
Andrew Eisenberg
d068f5372a Fix failing tests 2022-03-25 10:00:47 -07:00
Andrew Eisenberg
76c3e91b1f Bump timeout to 45 minutes 
With a 30 minute timeout, we were getting some cancelled runs.
This should fix it.
 2022-03-11 11:45:45 -08:00
Andrew Eisenberg
628afae9d3 Add a timeout of 30 min 
For all CI jobs. Based on some eye-balling 30 minutes should be
enough time for all jobs to complete.
 2022-03-08 14:57:35 -08:00
Andrew Eisenberg
5c2600e559 Merge branch 'main' into aeisenberg/checkout-path-commitoid 2022-03-01 13:15:40 -08:00
Andrew Eisenberg
a92e8775d8 Use the checkout_path for getting the commit oid 
This commit also adds a new integration check to verify this.

When running in test mode, payloads will not be uploaded. Instead, they
will be saved to disk so that they can be inspected later.
 2022-03-01 12:40:52 -08:00
Edoardo Pirovano
8ec6a84629 Expand PR checks to cover windows-2022 2022-02-28 15:39:34 +00:00
Henry Mercer
13c841aa39 Bump minimum supported CodeQL version to 2.4.5 
This is the earliest CodeQL version supported by GHES.
Bumping to this version resolves some flaky tests caused by the "We
still have not reached idleness" deadlock, as this deadlock is fixed in
2.4.5.
 2022-02-16 12:46:47 +00:00
Henry Mercer
b8047e5610 Use windows-2019 for CI jobs involving build tracing 
Build tracing currently does not support Windows 2022, so use
`windows-2019` instead of`windows-latest`.
 2022-02-08 13:29:20 +00:00
Andrew Eisenberg
b2af0740e4 Remove security-events: write from tests 
This is not necessary.
 2022-02-01 19:17:15 -08:00
Alex Croteau
9f36b75178 Splits integration tests 2022-01-31 20:06:18 -05:00
Alex Croteau
dfe2bc4e49 Changes to commit hash in main branch 2022-01-31 20:06:18 -05:00
Alex Croteau
63d0c7856c Fixes integration tests referred repo 2022-01-31 20:06:18 -05:00
Alex Croteau
260b4d5dc4 Fixes integration test 2022-01-31 20:06:18 -05:00
Alex Croteau
1bfa9ace60 Adds integration test and fixes linting 2022-01-31 20:06:18 -05:00
Andrew Eisenberg
e9aa2c6f62 Add a permissions block for generated workflows 
Ensure that all workflows are able to write security events.
 2022-01-31 16:11:00 -08:00