Reality2byte
diff --git a/‎.github/workflows/pr-checks.yml‎
Lines changed: 45 additions & 1 deletion b/‎.github/workflows/pr-checks.yml‎
Lines changed: 45 additions & 1 deletion
diff --git a/‎init/action.yml‎
Lines changed: 8 additions & 0 deletions b/‎init/action.yml‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎lib/config-utils.js‎
Lines changed: 70 additions & 12 deletions b/‎lib/config-utils.js‎
Lines changed: 70 additions & 12 deletions
diff --git a/‎lib/config-utils.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/config-utils.js.map‎
Lines changed: 1 addition & 1 deletion
@@ -101,7 +101,7 @@ jobs:
         fi
 
   # Packaging test that runs against a javascript database
-  test-packaging-javascript:
+  test-packaging-javascript-config:
     needs: [check-js, check-node-modules]
     runs-on: ubuntu-latest
 
@@ -143,6 +143,50 @@ jobs:
           exit 1
         fi
 
+  # tests that we can run packages through actions inputs
+  test-packaging-javascript-inputs:
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+        mv ../action/.github/workflows .github
+    - uses: ./../action/init
+      with:
+        config-file: ".github/codeql/codeql-config-packaging2.yml"
+        languages: javascript
+        packs: dsp-testing/[email protected], dsp-testing/codeql-pack2
+        # TODO: this can be removed when cli v2.5.6 is released and available in the tool cache
+        tools: https://github.com/dsp-testing/aeisenberg-codeql-action-packaging/releases/download/codeql-bundle-20210615/codeql-bundle-linux64.tar.gz
+
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: "${{ runner.temp }}/results"
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+
   # Identify the CodeQL tool versions to integration test against.
   check-codeql-versions:
     needs: [check-js, check-node-modules]
 
@@ -22,6 +22,14 @@ inputs:
   queries:
     description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
     required: false
+  packs:
+    description: >-
+      Comma-separated list of packs to run. Reference a pack in the format `scope/name[@version]`. If `version` is not
+      specified, then the latest version of the pack is used. By default, this overrides the same setting in a
+      configuration file; prefix with "+" to use both sets of packs.
+
+      This input is only available in single-language analyses.
+    required: false
   external-repository-token:
     description: A token for fetching external config files and queries if they reside in a private repository.
     required: false