codeql-action/.github/workflows/__export-file-baseline-information.yml

# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
#     pr-checks/sync.sh
# to regenerate this file.

name: PR Check - Export file baseline information
env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GO111MODULE: auto
on:
  push:
    branches:
      - main
      - releases/v*
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
  schedule:
    - cron: '0 5 * * *'
  workflow_dispatch:
    inputs:
      go-version:
        type: string
        description: The version of Go to install
        required: false
        default: '>=1.21.0'
      dotnet-version:
        type: string
        description: The version of .NET to install
        required: false
        default: 9.x
  workflow_call:
    inputs:
      go-version:
        type: string
        description: The version of Go to install
        required: false
        default: '>=1.21.0'
      dotnet-version:
        type: string
        description: The version of .NET to install
        required: false
        default: 9.x
defaults:
  run:
    shell: bash
concurrency:
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
  group: ${{ github.workflow }}-${{ github.ref }}
jobs:
  export-file-baseline-information:
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-latest
            version: nightly-latest
          - os: macos-latest
            version: nightly-latest
          - os: windows-latest
            version: nightly-latest
    name: Export file baseline information
    if: github.triggering_actor != 'dependabot[bot]'
    permissions:
      contents: read
      security-events: read
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
      - name: Check out repository
        uses: actions/checkout@v6
      - name: Prepare test
        id: prepare-test
        uses: ./.github/actions/prepare-test
        with:
          version: ${{ matrix.version }}
          use-all-platform-bundle: 'false'
          setup-kotlin: 'true'
      - name: Install Go
        uses: actions/setup-go@v6
        with:
          go-version: ${{ inputs.go-version || '>=1.21.0' }}
          cache: false
      - name: Install .NET
        uses: actions/setup-dotnet@v5
        with:
          dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
      - uses: ./../action/init
        id: init
        with:
          languages: javascript
          tools: ${{ steps.prepare-test.outputs.tools-url }}
      - name: Build code
        run: ./build.sh
      - uses: ./../action/analyze
        with:
          output: ${{ runner.temp }}/results
      - name: Upload SARIF
        uses: actions/upload-artifact@v5
        with:
          name: with-baseline-information-${{ matrix.os }}-${{ matrix.version }}.sarif.json
          path: ${{ runner.temp }}/results/javascript.sarif
          retention-days: 7
      - name: Check results
        run: |
          cd "$RUNNER_TEMP/results"
          expected_baseline_languages="c csharp go java kotlin javascript python ruby"
          if [[ $RUNNER_OS == "macOS" ]]; then
            expected_baseline_languages+=" swift"
          fi

          for lang in ${expected_baseline_languages}; do
            rule_name="cli/expected-extracted-files/${lang}"
            found_notification=$(jq --arg rule_name "${rule_name}" '[.runs[0].tool.driver.notifications |
              select(. != null) | flatten | .[].id] | any(. == $rule_name)' javascript.sarif)
            if [[ "${found_notification}" != "true" ]]; then
              echo "Expected SARIF output to contain notification '${rule_name}', but found no such notification."
              exit 1
            else
              echo "Found notification '${rule_name}'."
            fi
          done
    env:
      CODEQL_ACTION_SUBLANGUAGE_FILE_COVERAGE: true
      CODEQL_ACTION_TEST_MODE: true