# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
# to regenerate this file.

name: PR Check - Submit SARIF after failure
env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GO111MODULE: auto
  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
  push:
    branches:
    - main
    - releases/v*
  pull_request:
    types:
    - opened
    - synchronize
    - reopened
    - ready_for_review
  workflow_dispatch: {}
jobs:
  submit-sarif-failure:
    strategy:
      matrix:
        include:
        - os: ubuntu-latest
          version: latest
        - os: ubuntu-latest
          version: default
        - os: ubuntu-latest
          version: nightly-latest
    name: Submit SARIF after failure
    permissions:
      contents: read
      security-events: write
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
    - name: Setup Python on MacOS
      uses: actions/setup-python@v4
      if: >-
        matrix.os == 'macos-latest' && (

        matrix.version == 'stable-20220908' ||

        matrix.version == 'stable-20221211' ||

        matrix.version == 'stable-20230418' ||

        matrix.version == 'stable-v2.13.5' ||

        matrix.version == 'stable-v2.14.6')
      with:
        python-version: '3.11'
    - name: Check out repository
      uses: actions/checkout@v4
    - name: Prepare test
      id: prepare-test
      uses: ./.github/actions/prepare-test
      with:
        version: ${{ matrix.version }}
        use-all-platform-bundle: 'false'
    - name: Set environment variable for Swift enablement
      if: >-
        runner.os != 'Windows' && (
            matrix.version == '20220908' ||
            matrix.version == '20221211'
        )
      shell: bash
      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
    - uses: actions/checkout@v4
    - uses: ./init
      with:
        languages: javascript
    - name: Fail
    # We want this job to pass if the Action correctly uploads the SARIF file for
    # the failed run.
    # Setting this step to continue on error means that it is marked as completing
    # successfully, so will not fail the job.
      continue-on-error: true
      run: exit 1
    - uses: ./analyze
    # In a real workflow, this step wouldn't run. Since we used `continue-on-error`
    # above, we manually disable it with an `if` condition.
      if: false
      with:
        category: /test-codeql-version:${{ matrix.version }}
    env:
  # Internal-only environment variable used to indicate that the post-init Action
  # should expect to upload a SARIF file for the failed run.
      CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF: true
  # Make sure the uploading SARIF files feature is enabled.
      CODEQL_ACTION_UPLOAD_FAILED_SARIF: true
  # Upload the failed SARIF file as an integration test of the API endpoint.
      CODEQL_ACTION_TEST_MODE: false
  # Mark telemetry for this workflow so it can be treated separately.
      CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks