Open hauleth opened 2 years ago
Hi @hauleth. Could you tell me more about what you're trying to do? Would you want the URL to be an output field of the codeql-action/analyze
or codeql-action/upload-sarif
actions?
I am working on formatter for Elixir projects that use Mix (aka almost all of them). I want to test whether the produced file contain all entries it should contain. Right now I am uploading the SARIF report "manually" via cURL
However I would prefer to use official action for that, to make it clearer and also allows me to reuse it as an example of how to use the project.
codeql-action/analyze
orcodeql-action/upload-sarif
actions
I should additionally use codeql-action/analyze
when I am using codeql-action/upload-sarif
? Documentation isn't clear whether that is the case (not that this really matter in my situation).
So in short - I want to fetch the generated report and check if it contains what it should contain via script in the repository.
SARIF upload endpoint returns 2 values:
url
id
Having access to at least
url
would be really handy, as it would allow testing for the result of the analysis in projects that want to output that format for GitHub CodeQL analysis.