mirror of
https://github.com/github/codeql-action.git
synced 2025-12-27 01:30:10 +08:00
a21bb7f968
- The `upload` input to the `analyze` Action now accepts the following values:
- `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
- `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
- `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
- The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.
---------
Co-authored-by: Henry Mercer <henry.mercer@me.com>
22 lines
751 B
YAML
22 lines
751 B
YAML
name: "Upload-sarif: 'ref' and 'sha' from inputs"
|
|
description: "Checks that specifying 'ref' and 'sha' as inputs works"
|
|
steps:
|
|
- uses: ./../action/init
|
|
with:
|
|
tools: ${{ steps.prepare-test.outputs.tools-url }}
|
|
languages: cpp,csharp,java,javascript,python
|
|
config-file: ${{ github.repository }}/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
|
|
- name: Build code
|
|
shell: bash
|
|
run: ./build.sh
|
|
- uses: ./../action/analyze
|
|
with:
|
|
upload-database: false
|
|
ref: 'refs/heads/main'
|
|
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
|
|
upload: never
|
|
- uses: ./../action/upload-sarif
|
|
with:
|
|
ref: 'refs/heads/main'
|
|
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
|