github
diff --git a/‎analyze/action.yml‎
Lines changed: 3 additions & 0 deletions b/‎analyze/action.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎lib/upload-lib.js‎
Lines changed: 41 additions & 4 deletions b/‎lib/upload-lib.js‎
Lines changed: 41 additions & 4 deletions
diff --git a/‎lib/upload-lib.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/upload-lib.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/util.js‎
Lines changed: 5 additions & 1 deletion b/‎lib/util.js‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎lib/util.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/util.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/upload-lib.ts‎
Lines changed: 57 additions & 1 deletion b/‎src/upload-lib.ts‎
Lines changed: 57 additions & 1 deletion
diff --git a/‎src/util.ts‎
Lines changed: 4 additions & 0 deletions b/‎src/util.ts‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎upload-sarif/action.yml‎
Lines changed: 3 additions & 0 deletions b/‎upload-sarif/action.yml‎
Lines changed: 3 additions & 0 deletions
@@ -42,6 +42,9 @@ inputs:
     description: Whether to upload the resulting CodeQL database
     required: false
     default: "true"
+  wait-for-processing:
+    description: If true, the Action will wait for the uploaded SARIF to be processed before completing.
+    required: false
   token:
     default: ${{ github.token }}
   matrix:
 
@@ -110,6 +110,8 @@ async function uploadPayload(
 
   logger.debug(`response status: ${response.status}`);
   logger.info("Successfully uploaded results");
+
+  return response.data.id;
 }
 
 export interface UploadStatusReport {
@@ -159,6 +161,7 @@ export async function uploadFromActions(
     actionsUtil.getWorkflowRunID(),
     actionsUtil.getRequiredInput("checkout_path"),
     actionsUtil.getRequiredInput("matrix"),
+    actionsUtil.getOptionalInput("wait-for-processing") === "true",
     gitHubVersion,
     apiDetails,
     logger
@@ -190,6 +193,7 @@ export async function uploadFromRunner(
     undefined,
     sourceRoot,
     undefined,
+    false,
     gitHubVersion,
     apiDetails,
     logger
@@ -323,6 +327,9 @@ export function buildPayload(
   }
 }
 
+const STATUS_CHECK_FREQUENCY_MILLISECONDS = 5 * 1000;
+const STATUS_CHECK_TIMEOUT_MILLISECONDS = 2 * 60 * 1000;
+
 // Uploads the given set of sarif files.
 // Returns true iff the upload occurred and succeeded
 async function uploadFiles(
@@ -336,6 +343,7 @@ async function uploadFiles(
   workflowRunID: number | undefined,
   sourceRoot: string,
   environment: string | undefined,
+  waitForProcessing: boolean,
   gitHubVersion: util.GitHubVersion,
   apiDetails: api.GitHubApiDetails,
   logger: Logger
@@ -399,10 +407,58 @@ async function uploadFiles(
   logger.debug(`Number of results in upload: ${numResultInSarif}`);
 
   // Make the upload
-  await uploadPayload(payload, repositoryNwo, apiDetails, logger);
+  const sarifID = await uploadPayload(
+    payload,
+    repositoryNwo,
+    apiDetails,
+    logger
+  );
 
   logger.endGroup();
 
+  if (waitForProcessing) {
+    logger.startGroup("Waiting for processing to finish");
+    logger.info(`SARIF has identifier ${sarifID}.`)
+    const client = api.getApiClient(apiDetails);
+
+    const statusCheckingStarted = Date.now();
+    // eslint-disable-next-line no-constant-condition
+    while (true) {
+      if (
+        Date.now() >
+        statusCheckingStarted + STATUS_CHECK_TIMEOUT_MILLISECONDS
+      ) {
+        // If the analysis hasn't finished processing in the allotted time, we continue anyway rather than failing.
+        // It's possible the analysis will eventually finish processing, but it's not worth spending more Actions time waiting.
+        logger.warning(
+          "Timed out waiting for analysis to finish processing. Continuing."
+        );
+        break;
+      }
+      // We put the delay at the start of the loop, since it's unlikely that the analysis will have succeeded immediately. We might as well wait preemptively.
+      await util.delay(STATUS_CHECK_FREQUENCY_MILLISECONDS);
+      const response = await client.request(
+        "GET /repos/:owner/:repo/code-scanning/analyses",
+        {
+          owner: repositoryNwo.owner,
+          repo: repositoryNwo.repo,
+          sarif_id: sarifID,
+        }
+      );
+      if (response.data.length === 0) {
+        logger.info(`Analysis is still being processed...`);
+      }
+      else {
+        const analysis = response.data[0];
+        if (analysis.error) {
+          throw new Error(`Processing of the uploaded SARIF file failed: ${analysis.error}`)
+        }
+        break;
+      }
+    }
+    logger.endGroup();
+  }
+
   return {
     raw_upload_size_bytes: rawUploadSizeBytes,
     zipped_upload_size_bytes: zippedUploadSizeBytes,
 
@@ -516,3 +516,7 @@ export async function codeQlVersionAbove(
 ): Promise<boolean> {
   return semver.gte(await codeql.getVersion(), requiredVersion);
 }
+
+export async function delay(milliseconds: number) {
+  return new Promise((resolve) => setTimeout(resolve, milliseconds));
+}
@@ -17,6 +17,9 @@ inputs:
   category:
     description: String used by Code Scanning for matching the analyses
     required: false
+  wait-for-processing:
+    description: If true, the Action will wait for the uploaded SARIF to be processed before completing.
+    required: false
 runs:
   using: 'node12'
   main: '../lib/upload-sarif-action.js'
Original file line number	Diff line number	Diff line change
`@@ -516,3 +516,7 @@ export async function codeQlVersionAbove(`
`516`	`516`	`): Promise<boolean> {`
`517`	`517`	`return semver.gte(await codeql.getVersion(), requiredVersion);`
`518`	`518`	`}`
	`519`	`+`
	`520`	`+export async function delay(milliseconds: number) {`
	`521`	`+ return new Promise((resolve) => setTimeout(resolve, milliseconds));`
	`522`	`+}`