Introduce CODEQL_ACTION_SKIP_SARIF_UPLOAD

This triggers a subset of the behavior of `CODEQL_ACTION_TEST_MODE`,
specifically just skipping the SARIF upload step. This is required for
our internal testing where we want the SARIF file (via
`CODEQL_ACTION_DUMP_SARIF_DIR`) but don't want to actually upload it,
but we don't want the rest of the behaviour of `CODEQL_ACTION_TEST_MODE`
that is specific for `codeql-action` own CI checks.

Author: redsun82

lib/analyze-action.js

@@ -128,4 +128,10 @@ export enum EnvVar {
    * whether the upload is disabled. This is intended for testing and debugging purposes.
    */
   SARIF_DUMP_DIR = "CODEQL_ACTION_SARIF_DUMP_DIR",
+
+  /**
+   * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes.
+   * This setting is implied but is more specific than `CODEQL_ACTION_TEST_MODE`.
+   */
+  SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD",
 }

lib/init-action-post.js

@@ -19,8 +19,8 @@ import {
   delay,
   getErrorMessage,
   getRequiredEnvParam,
-  isInTestMode,
   parseMatrixInput,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 import {
@@ -81,7 +81,7 @@ async function maybeUploadFailedSarif(
     !["always", "failure-only"].includes(
       actionsUtil.getUploadValue(shouldUpload),
     ) ||
-    isInTestMode()
+    shouldSkipSarifUpload()
   ) {
     return { upload_failed_run_skipped_because: "SARIF upload is disabled" };
   }

lib/upload-lib.js

@@ -356,18 +356,16 @@ async function uploadPayload(
 ): Promise<string> {
   logger.info("Uploading results");
 
-  // If in test mode we don't want to upload the results
-  if (util.isInTestMode()) {
+  // If in test mode we don't want to upload the results,
+  if (util.shouldSkipSarifUpload()) {
     const payloadSaveFile = path.join(
       actionsUtil.getTemporaryDirectory(),
       "payload.json",
     );
-    logger.info(
-      `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`,
-    );
+    logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`);
     logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`);
     fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2));
-    return "test-mode-sarif-id";
+    return "dummy-sarif-id";
   }
 
   const client = api.getApiClient();

lib/upload-sarif-action.js

@@ -23,7 +23,7 @@ import {
   checkDiskUsage,
   getErrorMessage,
   initializeEnvironment,
-  isInTestMode,
+  shouldSkipSarifUpload,
   wrapError,
 } from "./util";
 
@@ -113,8 +113,8 @@ async function run() {
     core.setOutput("sarif-ids", JSON.stringify(uploadResults));
 
     // We don't upload results in test mode, so don't wait for processing
-    if (isInTestMode()) {
-      core.debug("In test mode. Waiting for processing is disabled.");
+    if (shouldSkipSarifUpload()) {
+      core.debug("SARIF upload disabled. Waiting for processing is disabled.");
     } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") {
       if (codeScanningResult !== undefined) {
         await upload_lib.waitForProcessing(

src/environment.ts

@@ -764,12 +764,19 @@ export function isGoodVersion(versionSpec: string) {
 /**
  * Returns whether we are in test mode. This is used by CodeQL Action PR checks.
  *
- * In test mode, we don't upload SARIF results or status reports to the GitHub API.
+ * In test mode, we several uploads (SARIF results, status reports, DBs, ...).
  */
 export function isInTestMode(): boolean {
   return process.env[EnvVar.TEST_MODE] === "true";
 }
 
+/**
+ * Returns whether we specifically want to skip uploading SARIF files.
+ */
+export function shouldSkipSarifUpload(): boolean {
+  return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true";
+}
+
 /**
  * Get the testing environment.
  *