mirror of
https://github.com/github/codeql-action.git
synced 2026-01-03 21:20:09 +08:00
2bab9f7984
This commit: Turns on uploading of artifacts again but only if CLI version is >= 2.20.3. I implemented the check using our feature flag functionality. I was on the fence about this since it makes the PR more complex. However, it does give us more flexibility when controlling artifact uploads. Also, I renamed the two workflows that were previously disabled. This way we will not accidentally enable the old workflows for previous versions of the action.
100 lines
2.8 KiB
YAML
100 lines
2.8 KiB
YAML
# Checks logs, SARIF, and database bundle debug artifacts exist
|
|
# when the analyze step fails.
|
|
name: PR Check - Debug artifacts after failure
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- releases/v*
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- ready_for_review
|
|
schedule:
|
|
- cron: '0 5 * * *'
|
|
workflow_dispatch: {}
|
|
jobs:
|
|
upload-artifacts:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
version:
|
|
- stable-v2.20.3
|
|
- default
|
|
- linked
|
|
- nightly-latest
|
|
name: Upload debug artifacts after failure in analyze
|
|
continue-on-error: true
|
|
env:
|
|
CODEQL_ACTION_TEST_MODE: true
|
|
permissions:
|
|
contents: read
|
|
timeout-minutes: 45
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Dump GitHub event
|
|
run: cat "${GITHUB_EVENT_PATH}"
|
|
- name: Check out repository
|
|
uses: actions/checkout@v4
|
|
- name: Prepare test
|
|
id: prepare-test
|
|
uses: ./.github/actions/prepare-test
|
|
with:
|
|
version: ${{ matrix.version }}
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ^1.13.1
|
|
- uses: ./../action/init
|
|
with:
|
|
tools: ${{ steps.prepare-test.outputs.tools-url }}
|
|
debug: true
|
|
debug-artifact-name: my-debug-artifacts
|
|
debug-database-name: my-db
|
|
- name: Build code
|
|
shell: bash
|
|
run: ./build.sh
|
|
- uses: ./../action/analyze
|
|
id: analysis
|
|
env:
|
|
# Forces a failure in this step.
|
|
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
|
|
with:
|
|
expect-error: true
|
|
download-and-check-artifacts:
|
|
name: Download and check debug artifacts after failure in analyze
|
|
needs: upload-artifacts
|
|
timeout-minutes: 45
|
|
permissions:
|
|
contents: read
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Download all artifacts
|
|
uses: actions/download-artifact@v4
|
|
- name: Check expected artifacts exist
|
|
shell: bash
|
|
run: |
|
|
LANGUAGES="cpp csharp go java javascript python"
|
|
cd "./my-debug-artifacts"
|
|
echo "Artifacts from run:"
|
|
for language in $LANGUAGES; do
|
|
echo "- Checking $language"
|
|
if [[ ! -f "my-db-$language-partial.zip" ]] ; then
|
|
echo "Missing a partial database bundle for $language"
|
|
exit 1
|
|
fi
|
|
if [[ ! -d "log" ]] ; then
|
|
echo "Missing database initialization logs"
|
|
exit 1
|
|
fi
|
|
if [[ ! "$language" == "go" ]] && [[ ! -d "$language/log" ]] ; then
|
|
echo "Missing logs for $language"
|
|
exit 1
|
|
fi
|
|
done
|
|
env:
|
|
GO111MODULE: auto
|