Add support for new matrix format with language and build-mode

.gitignore

@@ -1 +1,3 @@
-venv/
+venv/
+__pycache__/
+*.pyc

README.md

@@ -30,7 +30,7 @@ jobs:
   create-matrix:
     runs-on: ubuntu-latest
     outputs:
-      matrix: ${{ steps.set-matrix.outputs.languages }}
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
     steps:
       - name: Get languages from repo
         id: set-matrix
@@ -51,8 +51,7 @@ jobs:
 
     strategy:
       fail-fast: false
-      matrix: 
-        language: ${{ fromJSON(needs.create-matrix.outputs.matrix) }}
+      matrix: ${{ fromJSON(needs.create-matrix.outputs.matrix) }}
 
     steps:
     - name: Checkout repository
@@ -63,10 +62,17 @@ jobs:
       uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+        build-mode: ${{ matrix.build-mode }}
+
+    - if: matrix.build-mode == 'manual'
+      shell: bash
+      run: |
+        echo 'If you are using a "manual" build mode for one or more of the' \
+          'languages you are analyzing, replace this with the commands to build' \
+          'your code, for example:'
+        echo '  make bootstrap'
+        echo '  make release'
+        exit 1
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v3
@@ -82,7 +88,7 @@ Example:
   create-matrix:
     runs-on: ubuntu-latest
     outputs:
-      matrix: ${{ steps.set-matrix.outputs.languages }}
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
     steps:
       - name: Get languages from repo
         id: set-matrix
@@ -94,6 +100,28 @@ Example:
 
 ```
 
+### Build Mode Override
+By default, the action sets the build mode to:
+- `none` for most languages (python, javascript, ruby, rust, actions, etc.)
+- `manual` for languages that typically require custom build steps (go, swift, java)
+
+If you want to override this behavior and use manual build mode for specific languages, use the `build-mode-override` input:
+
+``` yaml
+  create-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Get languages from repo
+        id: set-matrix
+        uses: advanced-security/set-codeql-language-matrix@v1
+        with:
+          access-token: ${{ secrets.GITHUB_TOKEN }}
+          endpoint: ${{ github.event.repository.languages_url }}
+          build-mode-override: 'python, ruby'
+```
+
 ### Actions support
 
 The GitHub API for [List repository languages](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#list-repository-languages) does not by default include "YAML"/"GitHub Actions". This is particularly useful if your repository contains GitHub Actions workflows that you want to include in CodeQL analysis.

action.yml

@@ -12,14 +12,20 @@ inputs:
   exclude:
     description: 'Use a comma separated list here to exclude specific languges from your CodeQL scan.  Example: "python, java"'
     required: false
+  build-mode-override:
+    description: 'Use a comma separated list here to specify languages that should use manual build mode instead of the default. Example: "python, ruby"'
+    required: false
 outputs:
+  matrix:
+    description: 'Matrix definition including language and build-mode configurations'
   languages:
-    description: 'List of languages that will set the job matrix'
+    description: 'List of languages that will set the job matrix (deprecated - use matrix instead)'
 runs:
   using: 'docker'
   image: 'Dockerfile'
   args:
    - ${{ inputs.access-token }}
    - ${{ inputs.endpoint }}
    - ${{ inputs.exclude }}
+   - ${{ inputs.build-mode-override }}
 

entrypoint.sh

@@ -1,4 +1,4 @@
 #!/bin/sh -l
 
 # kick off the command
-python /main.py $1 $2 "$3"
+python /main.py $1 $2 "$3" "$4"

main.py

@@ -5,7 +5,8 @@
 
 token = sys.argv[1]
 endpoint = sys.argv[2]
-exclude = sys.argv[3]
+exclude = sys.argv[3] if len(sys.argv) > 3 else ""
+build_mode_override = sys.argv[4] if len(sys.argv) > 4 else ""
 codeql_languages = ["actions", "cpp", "csharp", "go", "java", "javascript", "python", "ruby", "rust", "typescript", "kotlin", "swift"]
 
 
@@ -38,11 +39,44 @@ def build_languages_list(languages):
 
 # return a list of objects from language list if they are not in the exclude list
 def exclude_languages(language_list):
+    if not exclude:
+        return language_list
     excluded = [x.strip() for x in exclude.split(',')]
     output = list(set(language_list).difference(excluded))
     print("languages={}".format(output))
     return output
 
+# Determine build mode for each language
+def get_build_mode(language):
+    # Languages that should use manual build mode by default
+    manual_languages = ["go", "swift", "java"]
+
+    # Check if user overrode build mode to manual
+    if build_mode_override:
+        override_languages = [x.strip() for x in build_mode_override.split(',')]
+        if language in override_languages:
+            return "manual"
+
+    # Use default logic
+    if language in manual_languages:
+        return "manual"
+    else:
+        return "none"
+
+# Build the matrix include format
+def build_matrix(language_list):
+    include = []
+    for language in language_list:
+        build_mode = get_build_mode(language)
+        include.append({
+            "language": language,
+            "build-mode": build_mode
+        })
+
+    matrix = {"include": include}
+    print("Matrix:", matrix)
+    return matrix
+
 # Set the output of the action
 def set_action_output(output_name, value) :
     if "GITHUB_OUTPUT" in os.environ :
@@ -52,8 +86,11 @@ def set_action_output(output_name, value) :
 def main():
     languages = get_languages()
     language_list = build_languages_list(languages)
-    output = exclude_languages(language_list)
-    set_action_output("languages", json.dumps(output))
+    filtered_languages = exclude_languages(language_list)
+    matrix = build_matrix(filtered_languages)
+    set_action_output("matrix", json.dumps(matrix))
+    # Keep the old output for backward compatibility
+    set_action_output("languages", json.dumps(filtered_languages))
 
 if __name__ == '__main__':
     main()