Only delete SARIF if not running on a fork
The `Upload failed SARIF` PR Check was failing when opened on a fork because of a permissions problem when deleting the uploaded SARIF. This change should fix this by only deleting the SARIF when the owner of the current repository is `github`.
angelapwen committed Jan 12, 2024
1 parent 9653106 commit 7fb8b00
Showing 3 changed files with 7 additions and 3 deletions.
3 changes: 2 additions & 1 deletion lib/init-action-post-helper.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/init-action-post-helper.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 4 additions & 1 deletion src/init-action-post-helper.ts
Expand Up @@ -182,7 +182,10 @@ export async function run(
);
}

if (process.env["CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF"] === "true") {
if (
process.env["CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF"] === "true" &&
process.env["GITHUB_REPOSITORY_OWNER"] === "github"

Check warning: Code scanning / CodeQL: Some environment variables may not exist in default setup workflows (Warning)

The environment variable GITHUB_REPOSITORY_OWNER may not exist in default setup workflows. If all uses are safe, add it to the list of environment variables that are known to be safe in 'queries/default-setup-environment-variables.ql'. If this use is safe but others are not, dismiss this alert as a false positive.
) {
await removeUploadedSarif(uploadFailedSarifResult, logger);
}
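Review bot: The added clause `process.env["GITHUB_REPOSITORY_OWNER"] === "github"` in the `if` condition tests who owns the repository, not whether the run is on a fork, so it is broader than the commit title says: every repository outside the `github` owner skips `removeUploadedSarif`, fork or not, and a fork owned by `github` would still attempt the delete. Please add a short comment above the condition explaining that the owner check stands in for "has permission to delete the uploaded SARIF", and consider an `else` branch that writes a debug line through `logger` so a skipped cleanup is visible in the run log. On the CodeQL alert attached to this line: when the variable is unset the comparison is false and the delete is skipped, which fails safe, so the alert should be closed explicitly, either by listing the variable in `queries/default-setup-environment-variables.ql` or by dismissing it, rather than left open.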
