
Commit 63f52e7

Merge pull request #40 from github/upload_twice
Emit an error if upload happens twice
2 parents 886b7d3 + 3a883af commit 63f52e7


3 files changed

+9
-45
lines changed


lib/upload-lib.js

Lines changed: 4 additions & 21 deletions

lib/upload-lib.js.map

Lines changed: 1 addition & 1 deletion

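--- a/src/upload-lib.ts
+++ b/src/upload-lib.ts
@@ -1,7 +1,6 @@
 import * as core from '@actions/core';
 import * as http from '@actions/http-client';
 import * as auth from '@actions/http-client/auth';
-import * as io from '@actions/io';
 import fileUrl from 'file-url';
 import * as fs from 'fs';
 import * as path from 'path';
@@ -11,19 +10,6 @@ import * as fingerprints from './fingerprints';
 import * as sharedEnv from './shared-environment';
 import * as util from './util';
 
-// Construct the location of the sentinel file for detecting multiple uploads.
-// The returned location should be writable.
-async function getSentinelFilePath(): Promise<string> {
-// Use the temp dir instead of placing next to the sarif file because of
-// issues with docker actions. The directory containing the sarif file
-// may not be writable by us.
-const uploadsTmpDir = path.join(process.env['RUNNER_TEMP'] || '/tmp/codeql-action', 'uploads');
-await io.mkdirP(uploadsTmpDir);
-// Hash the absolute path so we'll behave correctly in the unlikely
-// scenario a file is referenced twice with different paths.
-return path.join(uploadsTmpDir, 'codeql-action-upload-sentinel');
-}
-
 // Takes a list of paths to sarif files and combines them together,
 // returning the contents of the combined sarif file.
 export function combineSarifFiles(sarifFiles: string[]): string {
@@ -143,14 +129,12 @@ async function uploadFiles(sarifFiles: string[]): Promise<boolean> {
 core.startGroup("Uploading results");
 let succeeded = false;
 try {
-// Check if an upload has happened before. If so then abort.
-// This is intended to catch when the finish and upload-sarif actions
-// are used together, and then the upload-sarif action is invoked twice.
-const sentinelFile = await getSentinelFilePath();
-if (fs.existsSync(sentinelFile)) {
-core.info("Aborting as an upload has already happened from this job");
+const sentinelEnvVar = "CODEQL_UPLOAD_SARIF";
+if (process.env[sentinelEnvVar]) {
+core.error("Aborting upload: only one run of the codeql/analyze or codeql/upload-sarif actions is allowed per job");
 return false;
 }
+core.exportVariable(sentinelEnvVar, sentinelEnvVar);
 
 const commitOid = util.getRequiredEnvParam('GITHUB_SHA');
 const workflowRunIDStr = util.getRequiredEnvParam('GITHUB_RUN_ID');
@@ -201,9 +185,6 @@ async function uploadFiles(sarifFiles: string[]): Promise<boolean> {
 // Make the upload
 succeeded = await uploadPayload(payload);
 
-// Mark that we have made an upload
-fs.writeFileSync(sentinelFile, '');
-
 } catch (error) {
 core.setFailed(error.message);
 }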
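Review bot: The sentinel is now set by `core.exportVariable(sentinelEnvVar, sentinelEnvVar);` in the third hunk before the upload is attempted, whereas the removed code wrote its marker only after `uploadPayload` had returned. If the upload throws or returns false, a later upload step in the same job is rejected with the "only one run ... is allowed per job" error even though no results were delivered. If that is intended, a comment above the export should say so; otherwise move it below the upload call as `if (succeeded) core.exportVariable(sentinelEnvVar, sentinelEnvVar);`. The abort path also only logs via `core.error` and returns false without `core.setFailed`, and `CODEQL_UPLOAD_SARIF` is job-wide state that any earlier step can set, so it is worth confirming that the caller (outside these hunks) fails the step and a skipped upload is never silent. uploadFiles begins and ends outside the visible hunks.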
