Skip to content
Permalink
d5853409b4
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

codeql-action/CONTRIBUTING.md

Go to file
Andrew Eisenberg Allow the codeql-action to be run locally (#117)
Latest commit 42235cc Aug 4, 2020 History 
* Allow the codeql-action to be run locally

This change allows the codeql-action to be run locally through
[act](https://github.com/nektos/act).

In order to run the action locally, you need to do two things:

1. Add the `CODEQL_LOCAL_RUN: true` environment variable. The only way
   I could figure out how to do this was to add it directly in the
   workflow file in an `env` block. It _should_ be possible to add it
   through a `.env` file and pass it to `act`, but I couldn't get it
   working.
2. Run this command `act -j codeql -s GITHUB_TOKEN=<MY_PAT>`

Setting the `CODEQL_LOCAL_RUN` env var will fill in missing env vars
that the action needs, but isn't set by `act`. It will also avoid
making api calls to github that would fail locally.

This is a refactoring discussed in
https://github.com/github/dsp-codeql/issues/36
0 contributors

Users who have contributed to this file

Contributing Development and Testing Common tasks Running the action Running the action locally Integration tests Submitting a pull request Resources
72 lines (45 sloc) 3.77 KB
Raw Blame

Contributing

Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.

Contributions to this project are released to the public under the project's open source license.

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

Development and Testing

Before you start, ensure that you have a recent version of node installed. You can see which version of node is used by the action in init/action.yml.

Common tasks

  • Transpile the TypeScript to JavaScript: npm run build. Note that the JavaScript files are committed to git.
  • Run tests: npm run test. You’ll need to ensure that the JavaScript files are up-to-date first by running the command above.
  • Run the linter: npm run lint.

This project also includes configuration to run tests from VSCode (with support for breakpoints) - open the test file you wish to run and choose "Debug AVA test file" from the Run menu in the Run panel.

Running the action

To see the effect of your changes and to test them, push your changes in a branch and then look at the Actions output for that branch. You can also exercise the code locally by running the automated tests.

Running the action locally

It is possible to run this action locally via act via the following steps:

  1. Create a GitHub Personal Access Token (PAT).
  2. Install act v0.2.10 or greater.
  3. Add a .env file in the root of the project you are running:
CODEQL_LOCAL_RUN=true

# Optional, for better logging
GITHUB_JOB=<ANY_JOB_NAME>
  1. Run act -j codeql -s GITHUB_TOKEN=<PAT>

Running locally will generate the CodeQL database and run all the queries, but it will avoid uploading and reporting results to GitHub. Note that this must be done on a repository that consumes this action, not this repository. The use case is to debug failures of this action on specific repositories.

Integration tests

As well as the unit tests (see Common tasks above), there are integration tests, defined in .github/workflows/integration-testing.yml. These are run by a CI check. Depending on the change you’re making, you may want to add a test to this file or extend an existing one.

Submitting a pull request

  1. Fork and clone the repository
  2. Create a new branch: git checkout -b my-branch-name
  3. Make your change, add tests, and make sure the tests still pass
  4. Push to your fork and submit a pull request
  5. Pat yourself on the back and wait for your pull request to be reviewed and merged.

If you're a GitHub staff member, you can merge your own PR once it's approved; for external contributors, GitHub staff will merge your PR once it's approved.

Here are a few things you can do that will increase the likelihood of your pull request being accepted:

  • Write tests.
  • Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
  • Write a good commit message.

Resources