mirror of
https://github.com/github/codeql-action.git
synced 2026-01-03 13:10:06 +08:00
92 lines
2.8 KiB
YAML
Generated
92 lines
2.8 KiB
YAML
Generated
# Warning: This file is generated automatically, and should not be modified.
|
|
# Instead, please modify the template in the pr-checks directory and run:
|
|
# pr-checks/sync.sh
|
|
# to regenerate this file.
|
|
|
|
name: PR Check - Submit SARIF after failure
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GO111MODULE: auto
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- releases/v*
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- ready_for_review
|
|
schedule:
|
|
- cron: '0 5 * * *'
|
|
workflow_dispatch:
|
|
inputs: {}
|
|
workflow_call:
|
|
inputs: {}
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
concurrency:
|
|
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
jobs:
|
|
submit-sarif-failure:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- os: ubuntu-latest
|
|
version: linked
|
|
- os: ubuntu-latest
|
|
version: default
|
|
- os: ubuntu-latest
|
|
version: nightly-latest
|
|
name: Submit SARIF after failure
|
|
if: github.triggering_actor != 'dependabot[bot]'
|
|
permissions:
|
|
contents: read
|
|
security-events: write # needed to upload the SARIF file
|
|
|
|
timeout-minutes: 45
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- name: Check out repository
|
|
uses: actions/checkout@v5
|
|
- name: Prepare test
|
|
id: prepare-test
|
|
uses: ./.github/actions/prepare-test
|
|
with:
|
|
version: ${{ matrix.version }}
|
|
use-all-platform-bundle: 'false'
|
|
setup-kotlin: 'true'
|
|
- uses: actions/checkout@v5
|
|
- uses: ./init
|
|
with:
|
|
languages: javascript
|
|
tools: ${{ steps.prepare-test.outputs.tools-url }}
|
|
- name: Fail
|
|
# We want this job to pass if the Action correctly uploads the SARIF file for
|
|
# the failed run.
|
|
# Setting this step to continue on error means that it is marked as completing
|
|
# successfully, so will not fail the job.
|
|
continue-on-error: true
|
|
run: exit 1
|
|
- uses: ./analyze
|
|
# In a real workflow, this step wouldn't run. Since we used `continue-on-error`
|
|
# above, we manually disable it with an `if` condition.
|
|
if: false
|
|
with:
|
|
category: /test-codeql-version:${{ matrix.version }}
|
|
env:
|
|
# Internal-only environment variable used to indicate that the post-init Action
|
|
# should expect to upload a SARIF file for the failed run.
|
|
CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF: true
|
|
# Make sure the uploading SARIF files feature is enabled.
|
|
CODEQL_ACTION_UPLOAD_FAILED_SARIF: true
|
|
# Upload the failed SARIF file as an integration test of the API endpoint.
|
|
CODEQL_ACTION_TEST_MODE: false
|
|
# Mark telemetry for this workflow so it can be treated separately.
|
|
CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks
|
|
|