Merge pull request #1659 from github/update-v2.3.1-da583b07a

* Update changelog and version after v2.3.0 * Update checked-in dependencies * Throw full error for CLI bundle download (#1657) * Add `workload_run_attempt` to analysis upload (#1658) * Refactor status report upload logic Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()` * Add `workflow_run_attempt` to analysis payload * Stop allowing `undefined` run IDs and attempts Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload. * Update changelog for v2.3.1 --------- Co-authored-by: github-actions[bot] <[email protected]> Co-authored-by: Chuan-kai Lin <[email protected]> Co-authored-by: Angela P Wen <[email protected]>
github · Apr 26, 2023 · 8662eab · 8662eab
2 parents b2c19fb + 1f2f707
commit 8662eab
Show file tree

Hide file tree

Showing 19 changed files with 98 additions and 51 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CodeQL Action Changelog
 
+## 2.3.1 - 26 Apr 2023
+
+No user facing changes.
+
 ## 2.3.0 - 21 Apr 2023
 
 - Update default CodeQL bundle version to 2.13.0. [#1649](https://github.com/github/codeql-action/pull/1649)

diff --git a/lib/actions-util.js b/lib/actions-util.js
diff --git a/lib/actions-util.js.map b/lib/actions-util.js.map
diff --git a/lib/codeql.js b/lib/codeql.js
diff --git a/lib/codeql.js.map b/lib/codeql.js.map
diff --git a/lib/upload-lib.js b/lib/upload-lib.js
diff --git a/lib/upload-lib.js.map b/lib/upload-lib.js.map
diff --git a/lib/upload-lib.test.js b/lib/upload-lib.test.js
diff --git a/lib/upload-lib.test.js.map b/lib/upload-lib.test.js.map
diff --git a/lib/workflow.js b/lib/workflow.js
diff --git a/lib/workflow.js.map b/lib/workflow.js.map
diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.3.0",
+  "version": "2.3.1",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

diff --git a/src/actions-util.ts b/src/actions-util.ts
@@ -21,7 +21,11 @@ import {
   parseMatrixInput,
   UserError,
 } from "./util";
-import { getWorkflowRelativePath } from "./workflow";
+import {
+  getWorkflowRunID,
+  getWorkflowRunAttempt,
+  getWorkflowRelativePath,
+} from "./workflow";
 
 // eslint-disable-next-line import/no-commonjs
 const pkg = require("../package.json") as JSONSchemaForNPMPackageJsonFiles;
@@ -407,16 +411,8 @@ export async function createStatusReportBase(
 ): Promise<StatusReportBase> {
   const commitOid = getOptionalInput("sha") || process.env["GITHUB_SHA"] || "";
   const ref = await getRef();
-  const workflowRunIDStr = process.env["GITHUB_RUN_ID"];
-  let workflowRunID = -1;
-  if (workflowRunIDStr) {
-    workflowRunID = parseInt(workflowRunIDStr, 10);
-  }
-  const workflowRunAttemptStr = process.env["GITHUB_RUN_ATTEMPT"];
-  let workflowRunAttempt = -1;
-  if (workflowRunAttemptStr) {
-    workflowRunAttempt = parseInt(workflowRunAttemptStr, 10);
-  }
+  const workflowRunID = getWorkflowRunID();
+  const workflowRunAttempt = getWorkflowRunAttempt();
   const workflowName = process.env["GITHUB_WORKFLOW"] || "";
   const jobName = process.env["GITHUB_JOB"] || "";
   const analysis_key = await getAnalysisKey();

diff --git a/src/codeql.ts b/src/codeql.ts
@@ -340,8 +340,9 @@ export async function setupCodeQL(
       toolsVersion,
     };
   } catch (e) {
-    logger.error(wrapError(e).message);
-    throw new Error("Unable to download and extract CodeQL CLI");
+    throw new Error(
+      `Unable to download and extract CodeQL CLI: ${wrapError(e).message}`
+    );
   }
 }
 

diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts
@@ -37,7 +37,8 @@ test("validate correct payload used for push, PR merge commit, and PR head", asy
     "key",
     undefined,
     "",
-    undefined,
+    1234,
+    1,
     "/opt/src",
     undefined,
     ["CodeQL", "eslint"],
@@ -59,7 +60,8 @@ test("validate correct payload used for push, PR merge commit, and PR head", asy
     "key",
     undefined,
     "",
-    undefined,
+    1234,
+    1,
     "/opt/src",
     undefined,
     ["CodeQL", "eslint"],
@@ -75,7 +77,8 @@ test("validate correct payload used for push, PR merge commit, and PR head", asy
     "key",
     undefined,
     "",
-    undefined,
+    1234,
+    1,
     "/opt/src",
     undefined,
     ["CodeQL", "eslint"],

diff --git a/src/upload-lib.ts b/src/upload-lib.ts
@@ -173,6 +173,7 @@ export async function uploadFromActions(
     category,
     util.getRequiredEnvParam("GITHUB_WORKFLOW"),
     workflow.getWorkflowRunID(),
+    workflow.getWorkflowRunAttempt(),
     checkoutPath,
     actionsUtil.getRequiredInput("matrix"),
     logger
@@ -255,7 +256,8 @@ export function buildPayload(
   analysisKey: string | undefined,
   analysisName: string | undefined,
   zippedSarif: string,
-  workflowRunID: number | undefined,
+  workflowRunID: number,
+  workflowRunAttempt: number,
   checkoutURI: string,
   environment: string | undefined,
   toolNames: string[],
@@ -268,6 +270,7 @@ export function buildPayload(
     analysis_name: analysisName,
     sarif: zippedSarif,
     workflow_run_id: workflowRunID,
+    workflow_run_attempt: workflowRunAttempt,
     checkout_uri: checkoutURI,
     environment,
     started_at: process.env[CODEQL_WORKFLOW_STARTED_AT],
@@ -312,7 +315,8 @@ async function uploadFiles(
   analysisKey: string,
   category: string | undefined,
   analysisName: string | undefined,
-  workflowRunID: number | undefined,
+  workflowRunID: number,
+  workflowRunAttempt: number,
   sourceRoot: string,
   environment: string | undefined,
   logger: Logger
@@ -352,6 +356,7 @@ async function uploadFiles(
     analysisName,
     zippedSarif,
     workflowRunID,
+    workflowRunAttempt,
     checkoutURI,
     environment,
     toolNames,

diff --git a/src/workflow.ts b/src/workflow.ts
@@ -312,13 +312,40 @@ export async function getWorkflowRelativePath(): Promise<string> {
  * Get the workflow run ID.
  */
 export function getWorkflowRunID(): number {
-  const workflowRunID = parseInt(getRequiredEnvParam("GITHUB_RUN_ID"), 10);
+  const workflowRunIdString = getRequiredEnvParam("GITHUB_RUN_ID");
+  const workflowRunID = parseInt(workflowRunIdString, 10);
   if (Number.isNaN(workflowRunID)) {
-    throw new Error("GITHUB_RUN_ID must define a non NaN workflow run ID");
+    throw new Error(
+      `GITHUB_RUN_ID must define a non NaN workflow run ID. Current value is ${workflowRunIdString}`
+    );
+  }
+  if (workflowRunID < 0) {
+    throw new Error(
+      `GITHUB_RUN_ID must be a non-negative integer. Current value is ${workflowRunIdString}`
+    );
   }
   return workflowRunID;
 }
 
+/**
+ * Get the workflow run attempt number.
+ */
+export function getWorkflowRunAttempt(): number {
+  const workflowRunAttemptString = getRequiredEnvParam("GITHUB_RUN_ID");
+  const workflowRunAttempt = parseInt(workflowRunAttemptString, 10);
+  if (Number.isNaN(workflowRunAttempt)) {
+    throw new Error(
+      `GITHUB_RUN_ATTEMPT must define a non NaN workflow run attempt. Current value is ${workflowRunAttemptString}`
+    );
+  }
+  if (workflowRunAttempt <= 0) {
+    throw new Error(
+      `GITHUB_RUN_ATTEMPT must be a positive integer. Current value is ${workflowRunAttemptString}`
+    );
+  }
+  return workflowRunAttempt;
+}
+
 function getStepsCallingAction(
   job: WorkflowJob,
   actionName: string