Fix nasa#572, Update CodeQL Upload Sarif to V2

ArielSAdams · Sep 13, 2022 · 7eed0ce · 7eed0ce
1 parent 2c88047
commit 7eed0ce
Showing 1 changed file with 22 additions and 6 deletions.
diff --git a/.github/workflows/codeql-reusable.yml b/.github/workflows/codeql-reusable.yml
@@ -40,6 +40,11 @@ on:
         default: false 
         required: false
 
+# Force bash to apply pipefail option so pipeline failures aren't masked
+defaults:
+  run:
+    shell: bash
+
 env:
   SIMULATION: native
   ENABLE_UNIT_TESTS: ${{inputs.test}}
@@ -94,9 +99,8 @@ jobs:
           git log -1 --pretty=oneline
           git submodule 
           rm -r .git
-          rm -r ${{ inputs.component-path }} 
+          rm -rf ${{ inputs.component-path }} 
           ln -s ${{github.workspace}} ${{ inputs.component-path }} 
-
       
       - name: Checkout ${{ github.repository }}
         uses: actions/checkout@v2
@@ -111,7 +115,7 @@ jobs:
         working-directory: ${{env.BUILD_DIRECTORY}}
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
         with:
           languages: c
           config-file: nasa/cFS/.github/codeql/codeql-${{matrix.scan-type}}.yml@main
@@ -121,13 +125,25 @@ jobs:
         working-directory: ${{env.BUILD_DIRECTORY}}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2
         with:
           add-snippets: true
           category: ${{matrix.scan-type}}
-
+          upload: false
+          output: CodeQL-Sarif-${{ matrix.scan-type }}
+
+      - name: Rename Sarif
+        run: |
+          mv CodeQL-Sarif-${{ matrix.scan-type }}/cpp.sarif CodeQL-Sarif-${{ matrix.scan-type }}/Codeql-${{ matrix.scan-type }}.sarif
+          sed -i 's/"name" : "CodeQL"/"name" : "CodeQL-${{ matrix.scan-type }}"/g' CodeQL-Sarif-${{ matrix.scan-type }}/Codeql-${{ matrix.scan-type }}.sarif
+          
       - name: Archive Sarif
         uses: actions/upload-artifact@v2
         with:
           name: CodeQL-Sarif-${{ matrix.scan-type }}
-          path: /home/runner/work/${{env.REPO}}/results/cpp.sarif
+          path: CodeQL-Sarif-${{ matrix.scan-type }}
+
+      - name: Upload SARIF
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: CodeQL-Sarif-${{ matrix.scan-type }}/Codeql-${{ matrix.scan-type }}.sarif