Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the check-sarif action #1096

Merged
merged 14 commits into from
Jun 16, 2022
Merged

Add the check-sarif action #1096

merged 14 commits into from
Jun 16, 2022

Conversation

aeisenberg
Copy link
Contributor

@aeisenberg aeisenberg commented Jun 14, 2022
edited
Loading

Allows us to analyze and then check that certain queries were included
in the analysis and others were not.

This will be used in a future PR, but want to get this in first.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@aeisenberg aeisenberg requested a review from a team as a code owner June 14, 2022 04:09
@aeisenberg aeisenberg force-pushed the aeisenberg/check-sarif-action branch 11 times, most recently from d3b9427 to 11fe02e Compare June 14, 2022 18:46
@aeisenberg
Add the check-sarif action
bcb7fad 
Allows us to analyze and then check that certain queries were included
in the analysis and others were not.
@aeisenberg aeisenberg force-pushed the aeisenberg/check-sarif-action branch from 11fe02e to bcb7fad Compare June 14, 2022 18:55
@aeisenberg
Add capability to filter queries
40b2800 
This change adds a `query-filters` property to the codeql-config file.

This property is an array of `exclude`/`include` entries for a query
suite. These filters are appended to the generated query suite files
and used to filter queries after they are selected.

A related change is that now, all pack references are run in a single
query suite, which has the query filters appended to them.
@aeisenberg
Merge branch 'aeisenberg/js-yaml-typings' into aeisenberg/remove-queries
06e27d3
@aeisenberg
Add integration tests for query filters
eec34d5
@aeisenberg
Copy link
Contributor Author

aeisenberg commented Jun 15, 2022
edited
Loading

Still need to add a changelog note for this. No changelog required.

henrymercer
henrymercer reviewed Jun 15, 2022
View reviewed changes
.github/check-sarif/index.js Show resolved Hide resolved
.github/check-sarif/index.js Outdated Show resolved Hide resolved
.github/check-sarif/index.js Outdated Show resolved Hide resolved
.github/check-sarif/index.js Outdated Show resolved Hide resolved
.github/check-sarif/index.js Outdated Show resolved Hide resolved
.github/check-sarif/index.js Outdated Show resolved Hide resolved
.github/check-sarif/action.yml Show resolved Hide resolved
@aeisenberg
Clarify variable names in new action
4918636 
Also simplify some computations.
@aeisenberg aeisenberg force-pushed the aeisenberg/check-sarif-action branch from 1754357 to 4918636 Compare June 15, 2022 23:06
henrymercer
henrymercer approved these changes Jun 15, 2022
View reviewed changes
.github/workflows/expected-queries-runs.yml Outdated Show resolved Hide resolved
.github/workflows/expected-queries-runs.yml Outdated Show resolved Hide resolved
.github/check-sarif/action.yml Show resolved Hide resolved
.github/check-sarif/index.js Show resolved Hide resolved
@aeisenberg aeisenberg force-pushed the aeisenberg/check-sarif-action branch from 25cbd7a to 80ecdcd Compare June 16, 2022 00:53
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 16, 2022
View reviewed changes
.github/check-sarif/action.yml
@@ -0,0 +1,20 @@
name: Check SARIF

Check failure

Code scanning / CodeQL

Inconsistent action input

Action [.github/check-sarif](1) and action [.github/query-filter-test](2) both declare input sarif-file, however their definitions are not identical. This may be confusing to users.
.github/query-filter-test/action.yml
@@ -0,0 +1,52 @@
name: Query Filter Test

Check failure

Code scanning / CodeQL

Inconsistent action input

Action [.github/query-filter-test](1) and action [init](2) both declare input tools, however their definitions are not identical. This may be confusing to users. Action [.github/query-filter-test](1) and action [init](2) both declare input config-file, however their definitions are not identical. This may be confusing to users.
@aeisenberg aeisenberg merged commit 2e80c74 into main Jun 16, 2022
@aeisenberg aeisenberg deleted the aeisenberg/check-sarif-action branch June 16, 2022 01:39
This was referenced Jun 21, 2022
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@henrymercer henrymercer henrymercer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aeisenberg @henrymercer