From 9ace6974f2ce537c772f87c4e537eab7de1643e4 Mon Sep 17 00:00:00 2001 From: Robin Neatherway Date: Wed, 13 Jan 2021 12:10:34 +0000 Subject: [PATCH] Merge pr-check and integration-testing workflows These had some minor overlap checking that the JS is up to date and there isn't any benefit in having them separate as the jobs are run in parallel anyway. --- .github/workflows/integration-testing.yml | 543 ---------------------- .github/workflows/pr-checks.yml | 517 ++++++++++++++++++++ 2 files changed, 517 insertions(+), 543 deletions(-) delete mode 100644 .github/workflows/integration-testing.yml diff --git a/.github/workflows/integration-testing.yml b/.github/workflows/integration-testing.yml deleted file mode 100644 index 684a468c82..0000000000 --- a/.github/workflows/integration-testing.yml +++ /dev/null @@ -1,543 +0,0 @@ -name: "Integration Testing" - -on: - push: - branches: [main, v1] - pull_request: - -jobs: - # This job and check-node-modules below dupliacte checks from `pr-checks.yml`. - # We run them here as well to gate the more expensive checks which wouldn't - # even be executing the correct code if these fail. - check-js: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Check generated JavaScript - run: .github/workflows/script/check-js.sh - - check-node-modules: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Check node modules up to date - run: .github/workflows/script/check-node-modules.sh - - multi-language-repo_test-autodetect-languages: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - run: | - cd "$RUNNER_TEMP/codeql_databases" - # List all directories as there will be precisely one directory per database - # but there may be other files in this directory such as query suites. - if [ "$(ls -d */ | wc -l)" != 6 ] || \ - [[ ! -d cpp ]] || \ - [[ ! -d csharp ]] || \ - [[ ! -d go ]] || \ - [[ ! -d java ]] || \ - [[ ! -d javascript ]] || \ - [[ ! -d python ]]; then - echo "Did not find expected number of databases. Database dir contains: $(ls)" - exit 1 - fi - - multi-language-repo_test-custom-queries-and-remote-config: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - tools: [~, latest] - runs-on: ${{ matrix.os }} - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - tools: ${{ matrix.tools }} - languages: cpp,csharp,java,javascript,python - config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }} - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - # Currently is not possible to analyze Go in conjunction with other languages in macos - multi-language-repo_test-go-custom-queries: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - runs-on: ${{ matrix.os }} - - steps: - - uses: actions/setup-go@v2 - if: ${{ matrix.os == 'macos-latest' }} - with: - go-version: '^1.13.1' - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - config-file: ./.github/codeql/custom-queries.yml - - name: Build code - shell: bash - run: ./build.sh - - uses: ./../action/analyze - env: - TEST_MODE: true - - go-custom-tracing: - needs: [check-js, check-node-modules] - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - runs-on: ${{ matrix.os }} - env: - CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" - - steps: - - uses: actions/setup-go@v2 - if: ${{ matrix.os == 'macos-latest' }} - with: - go-version: '^1.13.1' - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - - name: Build code - shell: bash - run: go build main.go - - uses: ./../action/analyze - env: - TEST_MODE: true - - go-custom-tracing-autobuild: - needs: [check-js, check-node-modules] - # No need to test Go autobuild on multiple OSes since - # we're testing Go custom tracing with a manual build on all OSes. - runs-on: ubuntu-latest - env: - CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: go - - uses: ./../action/autobuild - - uses: ./../action/analyze - env: - TEST_MODE: true - - multi-language-repo_rubocop: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - name: Set up Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: 2.6 - - name: Install Code Scanning integration - run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install - - name: Install dependencies - run: bundle install - - name: Rubocop run - run: | - bash -c " - bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif - [[ $? -ne 2 ]] - " - - uses: ./../action/upload-sarif - with: - sarif_file: rubocop.sarif - env: - TEST_MODE: true - - test-proxy: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - container: - image: ubuntu:18.04 - options: --dns 127.0.0.1 - services: - squid-proxy: - image: datadog/squid:latest - ports: - - 3128:3128 - env: - https_proxy: http://squid-proxy:3128 - steps: - - uses: actions/checkout@v2 - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - uses: ./../action/init - with: - languages: javascript - - uses: ./../action/analyze - env: - TEST_MODE: true - - runner-analyze-javascript-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - # Pass --config-file here, but not for other jobs in this workflow. - # This means we're testing the config file parsing in the runner - # but not slowing down all jobs unnecessarily as it doesn't add much - # testing the parsing on different operating systems and languages. - runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - cat ./codeql-runner/codeql-env.sh | Invoke-Expression - & $Env:CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - - runner-analyze-csharp-autobuild-ubuntu: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - ../action/runner/dist/codeql-runner-linux autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-windows: - needs: [check-js, check-node-modules] - runs-on: windows-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - ../action/runner/dist/codeql-runner-win.exe autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-macos: - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - ../action/runner/dist/codeql-runner-macos autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-upload-sarif: - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} - - steps: - - uses: actions/checkout@v2 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Upload with runner - run: | - # Deliberately don't use TEST_MODE here. This is specifically testing - # the compatibility with the API. - runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index ef1eed0ef1..42b9b3aa95 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -41,3 +41,520 @@ jobs: - uses: actions/checkout@v2 - name: npm run-script test run: npm run-script test + + multi-language-repo_test-autodetect-languages: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + - run: | + cd "$RUNNER_TEMP/codeql_databases" + # List all directories as there will be precisely one directory per database + # but there may be other files in this directory such as query suites. + if [ "$(ls -d */ | wc -l)" != 6 ] || \ + [[ ! -d cpp ]] || \ + [[ ! -d csharp ]] || \ + [[ ! -d go ]] || \ + [[ ! -d java ]] || \ + [[ ! -d javascript ]] || \ + [[ ! -d python ]]; then + echo "Did not find expected number of databases. Database dir contains: $(ls)" + exit 1 + fi + + multi-language-repo_test-custom-queries-and-remote-config: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + tools: [~, latest] + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + tools: ${{ matrix.tools }} + languages: cpp,csharp,java,javascript,python + config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }} + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + + # Currently is not possible to analyze Go in conjunction with other languages in macos + multi-language-repo_test-go-custom-queries: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/setup-go@v2 + if: ${{ matrix.os == 'macos-latest' }} + with: + go-version: '^1.13.1' + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + config-file: ./.github/codeql/custom-queries.yml + - name: Build code + shell: bash + run: ./build.sh + - uses: ./../action/analyze + env: + TEST_MODE: true + + go-custom-tracing: + needs: [check-js, check-node-modules] + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + runs-on: ${{ matrix.os }} + env: + CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" + + steps: + - uses: actions/setup-go@v2 + if: ${{ matrix.os == 'macos-latest' }} + with: + go-version: '^1.13.1' + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + - name: Build code + shell: bash + run: go build main.go + - uses: ./../action/analyze + env: + TEST_MODE: true + + go-custom-tracing-autobuild: + needs: [check-js, check-node-modules] + # No need to test Go autobuild on multiple OSes since + # we're testing Go custom tracing with a manual build on all OSes. + runs-on: ubuntu-latest + env: + CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on" + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: go + - uses: ./../action/autobuild + - uses: ./../action/analyze + env: + TEST_MODE: true + + multi-language-repo_rubocop: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 2.6 + - name: Install Code Scanning integration + run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install + - name: Install dependencies + run: bundle install + - name: Rubocop run + run: | + bash -c " + bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif + [[ $? -ne 2 ]] + " + - uses: ./../action/upload-sarif + with: + sarif_file: rubocop.sarif + env: + TEST_MODE: true + + test-proxy: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + container: + image: ubuntu:18.04 + options: --dns 127.0.0.1 + services: + squid-proxy: + image: datadog/squid:latest + ports: + - 3128:3128 + env: + https_proxy: http://squid-proxy:3128 + steps: + - uses: actions/checkout@v2 + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + - uses: ./../action/init + with: + languages: javascript + - uses: ./../action/analyze + env: + TEST_MODE: true + + runner-analyze-javascript-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + # Pass --config-file here, but not for other jobs in this workflow. + # This means we're testing the config file parsing in the runner + # but not slowing down all jobs unnecessarily as it doesn't add much + # testing the parsing on different operating systems and languages. + runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + cat ./codeql-runner/codeql-env.sh | Invoke-Expression + & $Env:CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + + runner-analyze-csharp-autobuild-ubuntu: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + ../action/runner/dist/codeql-runner-linux autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-windows: + needs: [check-js, check-node-modules] + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + ../action/runner/dist/codeql-runner-win.exe autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-macos: + needs: [check-js, check-node-modules] + runs-on: macos-latest + + steps: + - uses: actions/checkout@v2 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + ../action/runner/dist/codeql-runner-macos autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-upload-sarif: + needs: [check-js, check-node-modules] + runs-on: ubuntu-latest + + if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} + + steps: + - uses: actions/checkout@v2 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Upload with runner + run: | + # Deliberately don't use TEST_MODE here. This is specifically testing + # the compatibility with the API. + runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}