# Warning: This file is generated automatically, and should not be modified. # Instead, please modify the template in the pr-checks directory and run: # pr-checks/sync.sh # to regenerate this file. name: 'PR Check - Packaging: Action input' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto on: push: branches: - main - releases/v* pull_request: types: - opened - synchronize - reopened - ready_for_review schedule: - cron: '0 5 * * *' workflow_dispatch: inputs: go-version: type: string description: The version of Go to install required: false default: '>=1.21.0' dotnet-version: type: string description: The version of .NET to install required: false default: 9.x workflow_call: inputs: go-version: type: string description: The version of Go to install required: false default: '>=1.21.0' dotnet-version: type: string description: The version of .NET to install required: false default: 9.x defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: packaging-inputs-js: strategy: fail-fast: false matrix: include: - os: ubuntu-latest version: linked - os: ubuntu-latest version: default - os: ubuntu-latest version: nightly-latest name: 'Packaging: Action input' if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read timeout-minutes: 45 runs-on: ${{ matrix.os }} steps: - name: Check out repository uses: actions/checkout@v6 - name: Install Node.js uses: actions/setup-node@v6 with: node-version: 20.x cache: npm - name: Install dependencies run: npm ci - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test with: version: ${{ matrix.version }} use-all-platform-bundle: 'false' setup-kotlin: 'true' - name: Install Go uses: actions/setup-go@v6 with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - name: Install .NET uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ inputs.dotnet-version || '9.x' }} - uses: ./../action/init with: config-file: .github/codeql/codeql-config-packaging2.yml languages: javascript packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2, codeql-testing/codeql-pack3:other-query.ql tools: ${{ steps.prepare-test.outputs.tools-url }} - name: Build code run: ./build.sh - uses: ./../action/analyze with: output: ${{ runner.temp }}/results - name: Check results uses: ./../action/.github/actions/check-sarif with: sarif-file: ${{ runner.temp }}/results/javascript.sarif queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block queries-not-run: foo,bar - name: Assert Results run: | cd "$RUNNER_TEMP/results" # We should have 4 hits from these rules EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block" # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n\r" " " | xargs)" echo "Found matching rules '$RULES'" if [ "$RULES" != "$EXPECTED_RULES" ]; then echo "Did not match expected rules '$EXPECTED_RULES'." exit 1 fi env: CODEQL_ACTION_TEST_MODE: true