Add job run UUID to SARIF output

Author: henrymercer

lib/codeql.js

@@ -870,6 +870,7 @@ export async function getCodeQLForCmd(
         )}`,
         "--sarif-group-rules-by-pack",
         ...(await getCodeScanningQueryHelpArguments(this)),
+        ...(await getJobRunUuidSarifOptions(this)),
         ...getExtraOptionsFromEnv(["database", "interpret-results"]),
       ];
       if (automationDetailsId !== undefined) {
@@ -1423,3 +1424,14 @@ function applyAutobuildAzurePipelinesTimeoutFix() {
     "-Dmaven.wagon.http.pool=false",
   ].join(" ");
 }
+
+async function getJobRunUuidSarifOptions(codeql: CodeQL) {
+  const jobRunUuid = process.env[EnvVar.JOB_RUN_UUID];
+
+  return jobRunUuid &&
+    (await codeql.supportsFeature(
+      ToolsFeature.DatabaseInterpretResultsSupportsSarifRunProperty,
+    ))
+    ? [`--sarif-run-property=jobRunUuid=${jobRunUuid}`]
+    : [];
+}

lib/codeql.js.map

@@ -3,6 +3,7 @@ import type { VersionInfo } from "./codeql";
 export enum ToolsFeature {
   AnalysisSummaryV2IsDefault = "analysisSummaryV2Default",
   BuildModeOption = "buildModeOption",
+  DatabaseInterpretResultsSupportsSarifRunProperty = "databaseInterpretResultsSupportsSarifRunProperty",
   IndirectTracingSupportsStaticBinaries = "indirectTracingSupportsStaticBinaries",
   InformsAboutUnsupportedPathFilters = "informsAboutUnsupportedPathFilters",
   SetsCodeqlRunnerEnvVar = "setsCodeqlRunnerEnvVar",