import { UploadKind } from "./actions-util";
import * as analyses from "./analyses";
import { FeatureEnablement } from "./feature-flags";
import { Logger } from "./logging";
import * as upload_lib from "./upload-lib";
import { unsafeEntriesInvariant } from "./util";
/**
 * Partial mapping from analysis kinds to upload results.
 *
 * The values are `upload_lib.UploadResult` objects (presumably carrying the
 * SARIF ID of the upload; confirm in upload-lib). Because the mapping is
 * `Partial`, a kind may have no entry, so consumers must handle `undefined`
 * rather than assume that every analysis kind was uploaded.
 */
export type UploadSarifResults = Partial<
Record<analyses.AnalysisKind, upload_lib.UploadResult>
>;
/**
 * Locates the SARIF files at `sarifPath`, groups them by analysis kind, post-processes
 * each group, and uploads the post-processed files when an upload was requested.
 *
 * Groups are handled one after another. The helper calls are awaited without a
 * surrounding `try`/`catch`, so a rejection from any of them propagates to the caller
 * and the remaining groups are not processed.
 *
 * @param logger The logger to use.
 * @param tempPath The path to the temporary directory.
 * @param features Information about enabled features.
 * @param getCodeQL A function to retrieve a `CodeQL` instance.
 * @param uploadKind The kind of upload that is requested. Files are uploaded only when this is `"always"`.
 * @param checkoutPath The path where the repository was checked out.
 * @param sarifPath The path to the file or directory to upload.
 * @param category The analysis category.
 * @param postProcessedOutputPath The path to a directory to which the post-processed SARIF files should be written.
 *
 * @returns A partial mapping from analysis kinds to the upload results. The mapping is
 * empty when `uploadKind` is not `"always"`.
 */
export async function postProcessAndUploadSarif(
  logger: Logger,
  tempPath: string,
  features: FeatureEnablement,
  getCodeQL: upload_lib.CodeQLGetter,
  uploadKind: UploadKind,
  checkoutPath: string,
  sarifPath: string,
  category?: string,
  postProcessedOutputPath?: string,
): Promise<UploadSarifResults> {
  const resultsByKind: UploadSarifResults = {};
  // Evaluated once: an upload happens only when it was explicitly requested.
  const shouldUpload = uploadKind === "always";

  const groupedPaths = await upload_lib.getGroupedSarifFilePaths(
    logger,
    sarifPath,
  );

  for (const [kind, files] of unsafeEntriesInvariant(groupedPaths)) {
    const config = analyses.getAnalysisConfig(kind);

    const processed = await upload_lib.postProcessSarifFiles(
      logger,
      features,
      getCodeQL,
      tempPath,
      checkoutPath,
      files,
      category,
      config,
    );

    // Persist the post-processed SARIF. The helper decides whether anything is
    // actually written, based on user inputs or environment variables.
    await upload_lib.writePostProcessedFiles(
      logger,
      postProcessedOutputPath,
      config,
      processed,
    );

    // Without an explicit upload request, post-processing and the optional
    // write are the only effects for this group.
    if (!shouldUpload) {
      continue;
    }

    resultsByKind[kind] = await upload_lib.uploadPostProcessedFiles(
      logger,
      checkoutPath,
      config,
      processed,
    );
  }

  return resultsByKind;
}