github · aibaars · Jul 13, 2021 · Jun 29, 2021 · Jun 29, 2021 · Jun 29, 2021
@@ -894,3 +894,44 @@ jobs:
     - name: Build code
       run: ./build.sh
     - uses: ./../action/analyze
+
+  test-packaging-javascript-source-root:
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+        mv ../action/.github/workflows .github
+    - uses: ./../action/init
+      with:
+        config-file: ".github/codeql/codeql-config-packaging.yml"
+        languages: javascript
+        source-root: tests/multi-language-repo
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: "${{ runner.temp }}/results"
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+
@@ -2,6 +2,7 @@
 
 ## [UNRELEASED]
 
+- The `init` step of the Action now supports a `source-root` input as a path to the root source-code directory. By default, the path is relative to $GITHUB_WORKSPACE. [#607](https://github.com/github/codeql-action/pull/607)
 - The `analyze` step of the Action now supports a `skip-queries` option to merely build the CodeQL database without analyzing. This functionality is not present in the runner. Additionally, the step will no longer fail if it encounters a finalized database, and will instead continue with query execution. [#602](https://github.com/github/codeql-action/pull/602)
 - Update the warning message when the baseline lines of code count is unavailable. [#608](https://github.com/github/codeql-action/pull/608)
 

@@ -38,6 +38,9 @@ inputs:
     description: Try to auto-install your python dependencies
     required: true
     default: 'true'
+  source-root:
+    description: Path of the root source code directory, relative to $GITHUB_WORKSPACE.
+    required: false
 outputs:
   codeql-path:
     description: The path of the CodeQL binary used for analysis