Merge branch 'main' into rneatherway/optional-merge

Author: rneatherway

.eslintrc.json

@@ -44,15 +44,10 @@
             "@typescript-eslint/prefer-regexp-exec": "off",
             "@typescript-eslint/require-await": "off",
             "@typescript-eslint/restrict-template-expressions": "off",
-            "eslint-comments/no-use": "off",
             "func-style": "off",
-            "github/array-foreach": "off",
             "github/no-then": "off",
             "import/no-extraneous-dependencies": "off",
             "no-shadow": "off",
-            "no-sparse-arrays": "off",
-            "no-throw-literal": "off",
-            "no-useless-escape": "off",
             "sort-imports": "off"
         }
     }]

.github/workflows/codeql.yml

@@ -1,6 +1,9 @@
 name: "CodeQL action"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
   build:

.github/workflows/integration-testing.yml

@@ -1,6 +1,9 @@
 name: "Integration Testing"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
   multi-language-repo_test-autodetect-languages:
@@ -41,6 +44,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
+        tools: [~, latest]
     runs-on: ${{ matrix.os }}
 
     steps:
@@ -53,6 +57,7 @@ jobs:
         mv ../action/tests/multi-language-repo/{*,.github} .
     - uses: ./../action/init
       with:
+        tools: ${{ matrix.tools }}
         languages: cpp,csharp,java,javascript,python
         config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
     - name: Build code
@@ -150,7 +155,7 @@ jobs:
     - uses: ./../action/analyze
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-ubuntu:
     runs-on: ubuntu-latest
 
@@ -176,7 +181,7 @@ jobs:
         runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-windows:
     runs-on: windows-latest
 
@@ -198,7 +203,7 @@ jobs:
         runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-macos:
     runs-on: macos-latest
 
@@ -220,7 +225,7 @@ jobs:
         runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-ubuntu:
     runs-on: ubuntu-latest
 
@@ -254,7 +259,7 @@ jobs:
         ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-windows:
     runs-on: windows-latest
 
@@ -325,7 +330,7 @@ jobs:
       env:
         TEST_MODE: true
 
-  
+
   runner-analyze-csharp-autobuild-ubuntu:
     runs-on: ubuntu-latest
 
@@ -358,7 +363,7 @@ jobs:
         ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-autobuild-windows:
     runs-on: windows-latest
 

.github/workflows/pr-checks.yml

@@ -1,6 +1,9 @@
 name: "PR checks"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
   lint-js:
@@ -62,7 +65,7 @@ jobs:
           exit 1
         fi
         echo "Success: node_modules are up to date"
-        
+
   npm-test:
     strategy:
       matrix:

.github/workflows/split.yml

@@ -0,0 +1,73 @@
+#
+# Split the CodeQL Bundle into platform bundles
+#
+# Instructions:
+#  1. Upload the new codeql-bundle (codeql-bundle.tar.gz) as an asset of the
+#     release (codeql-bundle-20200826)
+#  2. Take note of the CLI Release used by the bundle (e.g., v2.2.5)
+#  3. Manually launch this workflow file (via the Actions UI) specifying
+#     - The CLI Release (e.g., v2.2.5)
+#     - The release tag (e.g., codeql-bundle-20200826)
+#  4. If everything succeeds you should see 3 new assets.
+#
+
+name: Split Bundle
+
+on:
+ workflow_dispatch:
+    inputs:
+      cli-release:
+        description: 'CodeQL CLI Release (e.g., "v2.2.5")'
+        required: true
+      bundle-tag:
+        description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
+        required: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      CLI_RELEASE: "${{ github.event.inputs.cli-release }}"
+      RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        platform: ["linux64", "osx64", "win64"]
+
+    steps:
+      - name: Resolve Upload URL for the release
+        id: save_url
+        run: |
+          UPLOAD_URL=$(curl -sS \
+               "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
+               -H "Accept: application/json" \
+               -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
+          echo ${UPLOAD_URL}
+          echo "::set-output name=upload_url::${UPLOAD_URL}"
+
+      - name: Download CodeQL CLI and Bundle
+        run: |
+          wget --no-verbose "https://github.com/${GITHUB_REPOSITORY}/releases/download/${RELEASE_TAG}/codeql-bundle.tar.gz"
+          wget --no-verbose "https://github.com/github/codeql-cli-binaries/releases/download/${CLI_RELEASE}/codeql-${{matrix.platform}}.zip"
+
+      - name: Create Platform Package
+        # Replace the codeql-binaries with the platform specific ones
+        run: |
+          gunzip codeql-bundle.tar.gz
+          tar -f codeql-bundle.tar --delete codeql
+          unzip -q codeql-${{matrix.platform}}.zip
+          tar -f codeql-bundle.tar --append codeql
+          gzip codeql-bundle.tar
+          mv codeql-bundle.tar.gz codeql-bundle-${{matrix.platform}}.tar.gz
+          du -sh codeql-bundle-${{matrix.platform}}.tar.gz
+
+      - name: Upload Platform Package
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.save_url.outputs.upload_url }}
+          asset_path: ./codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_name: codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_content_type: application/tar+gzip