diff --git a/.github/workflows/integration-testing.yml b/.github/workflows/integration-testing.yml deleted file mode 100644 index 684a468c82..0000000000 --- a/.github/workflows/integration-testing.yml +++ /dev/null @@ -1,543 +0,0 @@ -name: "Integration Testing" - -on: - push: - branches: [main, v1] - pull_request: - -jobs: - # This job and check-node-modules below dupliacte checks from `pr-checks.yml`. - # We run them here as well to gate the more expensive checks which wouldn't - # even be executing the correct code if these fail. - check-js: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Check generated JavaScript - run: .github/workflows/script/check-js.sh - - check-node-modules: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Check node modules up to date - run: .github/workflows/script/check-node-modules.sh - - multi-language-repo_test-autodetect-languages: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - run: | - cd "$RUNNER_TEMP/codeql_databases" - # List all directories as there will be precisely one directory per database - # but there may be other files in this directory such as query suites. - if [ "$(ls -d */ | wc -l)" != 6 ] || \ - [[ ! -d cpp ]] || \ - [[ ! -d csharp ]] || \ - [[ ! -d go ]] || \ - [[ ! -d java ]] || \ - [[ ! -d javascript ]] || \ - [[ ! -d python ]]; then - echo "Did not find expected number of databases. Database dir contains: $(ls)" - exit 1 - fi - - multi-language-repo_test-custom-queries-and-remote-config: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - tools: [~, latest] - runs-on: ${{ matrix.os }} - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - tools: ${{ matrix.tools }} - languages: cpp,csharp,java,javascript,python - config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }} - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - # Currently is not possible to analyze Go in conjunction with other languages in macos - multi-language-repo_test-go-custom-queries: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - runs-on: ${{ matrix.os }} - - steps: - - uses: actions/setup-go@v2 - if: ${{ matrix.os == 'macos-latest' }} - with: - go-version: '^1.13.1' - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - config-file: ./.github/codeql/custom-queries.yml - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - go-custom-tracing: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - runs-on: ${{ matrix.os }} - env: - CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" - - steps: - - uses: actions/setup-go@v2 - if: ${{ matrix.os == 'macos-latest' }} - with: - go-version: '^1.13.1' - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - - name: Build code - shell: bash - run: go build main.go - - uses: ./../action/analyze - env: - TEST_MODE: true - - go-custom-tracing-autobuild: - needs: [check-js, check-node-modules] - # No need to test Go autobuild on multiple OSes since - # we're testing Go custom tracing with a manual build on all OSes. - runs-on: ubuntu-latest - env: - CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - - uses: ./../action/autobuild - - uses: ./../action/analyze - env: - TEST_MODE: true - - multi-language-repo_rubocop: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - name: Set up Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: 2.6 - - name: Install Code Scanning integration - run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install - - name: Install dependencies - run: bundle install - - name: Rubocop run - run: | - bash -c " - bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif - [[ $? -ne 2 ]] - " - - uses: ./../action/upload-sarif - with: - sarif_file: rubocop.sarif - env: - TEST_MODE: true - - test-proxy: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - container: - image: ubuntu:18.04 - options: --dns 127.0.0.1 - services: - squid-proxy: - image: datadog/squid:latest - ports: - - 3128:3128 - env: - https_proxy: http://squid-proxy:3128 - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: javascript - - uses: ./../action/analyze - env: - TEST_MODE: true - - runner-analyze-javascript-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - # Pass --config-file here, but not for other jobs in this workflow. - # This means we're testing the config file parsing in the runner - # but not slowing down all jobs unnecessarily as it doesn't add much - # testing the parsing on different operating systems and languages. - runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - cat ./codeql-runner/codeql-env.sh | Invoke-Expression - & $Env:CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - - runner-analyze-csharp-autobuild-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - ../action/runner/dist/codeql-runner-linux autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - ../action/runner/dist/codeql-runner-win.exe autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - ../action/runner/dist/codeql-runner-macos autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-upload-sarif: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Upload with runner - run: | - # Deliberately don't use TEST_MODE here. This is specifically testing - # the compatibility with the API. - runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index ef1eed0ef1..42b9b3aa95 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -41,3 +41,520 @@ jobs: - uses: actions/checkout@v2 - name: npm run-script test run: npm run-script test + + multi-language-repo_test-autodetect-languages: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + - run: | + cd "$RUNNER_TEMP/codeql_databases" + # List all directories as there will be precisely one directory per database + # but there may be other files in this directory such as query suites. + if [ "$(ls -d */ | wc -l)" != 6 ] || \ + [[ ! -d cpp ]] || \ + [[ ! -d csharp ]] || \ + [[ ! -d go ]] || \ + [[ ! -d java ]] || \ + [[ ! -d javascript ]] || \ + [[ ! -d python ]]; then + echo "Did not find expected number of databases. Database dir contains: $(ls)" + exit 1 + fi + + multi-language-repo_test-custom-queries-and-remote-config: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + tools: [~, latest] + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + tools: ${{ matrix.tools }} + languages: cpp,csharp,java,javascript,python + config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }} + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + + # Currently is not possible to analyze Go in conjunction with other languages in macos + multi-language-repo_test-go-custom-queries: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/setup-go@v2 + if: ${{ matrix.os == 'macos-latest' }} + with: + go-version: '^1.13.1' + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + config-file: ./.github/codeql/custom-queries.yml + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + + go-custom-tracing: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + runs-on: ${{ matrix.os }} + env: + CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" + + steps: + - uses: actions/setup-go@v2 + if: ${{ matrix.os == 'macos-latest' }} + with: + go-version: '^1.13.1' + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + - name: Build code + shell: bash + run: go build main.go + - uses: ./../action/analyze + env: + TEST_MODE: true + + go-custom-tracing-autobuild: + needs: [check-js, check-node-modules] + # No need to test Go autobuild on multiple OSes since + # we're testing Go custom tracing with a manual build on all OSes. + runs-on: ubuntu-latest + env: + CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + - uses: ./../action/autobuild + - uses: ./../action/analyze + env: + TEST_MODE: true + + multi-language-repo_rubocop: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 2.6 + - name: Install Code Scanning integration + run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install + - name: Install dependencies + run: bundle install + - name: Rubocop run + run: | + bash -c " + bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif + [[ $? -ne 2 ]] + " + - uses: ./../action/upload-sarif + with: + sarif_file: rubocop.sarif + env: + TEST_MODE: true + + test-proxy: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + container: + image: ubuntu:18.04 + options: --dns 127.0.0.1 + services: + squid-proxy: + image: datadog/squid:latest + ports: + - 3128:3128 + env: + https_proxy: http://squid-proxy:3128 + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: javascript + - uses: ./../action/analyze + env: + TEST_MODE: true + + runner-analyze-javascript-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + # Pass --config-file here, but not for other jobs in this workflow. + # This means we're testing the config file parsing in the runner + # but not slowing down all jobs unnecessarily as it doesn't add much + # testing the parsing on different operating systems and languages. + runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + cat ./codeql-runner/codeql-env.sh | Invoke-Expression + & $Env:CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + + runner-analyze-csharp-autobuild-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + ../action/runner/dist/codeql-runner-linux autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + ../action/runner/dist/codeql-runner-win.exe autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + ../action/runner/dist/codeql-runner-macos autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-upload-sarif: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Upload with runner + run: | + # Deliberately don't use TEST_MODE here. This is specifically testing + # the compatibility with the API. + runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}