codeScanningUploadSarif

Upload an analysis as SARIF data

Details

  • Method: POST
  • Path: /repos/{owner}/{repo}/code-scanning/sarifs
  • Operation ID: code-scanning/upload-sarif

Parameters

{
  "owner": {
    "description": "The account owner of the repository. The name is not case sensitive.",
    "required": true,
    "location": "path",
    "type": "string"
  },
  "repo": {
    "description": "The name of the repository without the `.git` extension. The name is not case sensitive.",
    "required": true,
    "location": "path",
    "type": "string"
  },
  "commit_sha": {
    "description": "The SHA of the commit to which the analysis you are uploading relates.",
    "required": true,
    "location": "body",
    "type": "string"
  },
  "ref": {
    "description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/tags/<tag>`, `refs/pull/<number>/merge`, or `refs/pull/<number>/head`.",
    "required": true,
    "location": "body",
    "type": "string"
  },
  "sarif": {
    "description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning).\"",
    "required": true,
    "location": "body",
    "type": "string"
  },
  "checkout_uri": {
    "description": "The base directory used in the analysis, as it appears in the SARIF file.\nThis property is used to convert file paths from absolute to relative, so that alerts can be mapped to their correct location in the repository.",
    "required": false,
    "location": "body",
    "type": "string"
  },
  "started_at": {
    "description": "The time that the analysis run began. This is a timestamp in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format: `YYYY-MM-DDTHH:MM:SSZ`.",
    "required": false,
    "location": "body",
    "type": "string"
  },
  "tool_name": {
    "description": "The name of the tool used to generate the code scanning analysis. If this parameter is not used, the tool name defaults to \"API\". If the uploaded SARIF contains a tool GUID, this will be available for filtering using the `tool_guid` parameter of operations such as `GET /repos/{owner}/{repo}/code-scanning/alerts`.",
    "required": false,
    "location": "body",
    "type": "string"
  },
  "validate": {
    "description": "Whether the SARIF file will be validated according to the code scanning specifications.\nThis parameter is intended to help integrators ensure that the uploaded SARIF files are correctly rendered by code scanning.",
    "required": false,
    "location": "body",
    "type": "boolean"
  }
}

Response Schema

{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "An identifier for the upload.",
      "example": "6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53"
    },
    "url": {
      "type": "string",
      "description": "The REST API URL for checking the status of the upload.",
      "format": "uri",
      "readOnly": true
    }
  }
}

Usage

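import asyncio

from ocp_agent import OCPAgent


async def main():
    agent = OCPAgent()
    await agent.register_api('github')

    # Call this tool
    result = await agent.call_tool('codeScanningUploadSarif', {
        # Add required parameters here:
        # owner, repo, commit_sha, ref, sarif
    })
    return result


# `await` is only valid inside a coroutine, so run the calls in an event loop
asyncio.run(main())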
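
The `sarif`, `ref`, `commit_sha` and `started_at` body parameters described above have specific encodings and formats; the following added example (not part of the original page or of the OCP or GitHub code) builds and checks them before a call. The helper names, the sample SARIF log and the commit SHA are constructed for illustration. The 40/64-hex SHA check is an assumption about commit SHA length.

```python
import base64
import gzip
import json
import re

# Ref formats listed in the `ref` parameter description.
REF_RE = re.compile(r"refs/(heads/.+|tags/.+|pull/\d+/(merge|head))")
# Assumption: a full commit SHA is 40 hex chars (SHA-1) or 64 (SHA-256).
SHA_RE = re.compile(r"[0-9a-f]{40}|[0-9a-f]{64}")
# `started_at` format from the parameter description: YYYY-MM-DDTHH:MM:SSZ.
TS_RE = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z")


def encode_sarif(sarif_doc: dict) -> str:
    """gzip the SARIF JSON first, then Base64-encode the compressed bytes."""
    raw = json.dumps(sarif_doc, separators=(",", ":")).encode("utf-8")
    return base64.b64encode(gzip.compress(raw)).decode("ascii")


def decode_sarif(encoded: str) -> dict:
    """Inverse of encode_sarif, for checking a payload before it is sent."""
    return json.loads(gzip.decompress(base64.b64decode(encoded, validate=True)))


def build_upload_body(commit_sha, ref, sarif_doc, started_at=None, tool_name=None):
    """Return the body parameters, rejecting values outside the documented formats."""
    if not SHA_RE.fullmatch(commit_sha):
        raise ValueError("commit_sha must be a full hex commit SHA")
    if not REF_RE.fullmatch(ref):
        raise ValueError("ref must be a full Git reference such as refs/heads/main")
    if started_at is not None and not TS_RE.fullmatch(started_at):
        raise ValueError("started_at must look like YYYY-MM-DDTHH:MM:SSZ")
    body = {"commit_sha": commit_sha, "ref": ref, "sarif": encode_sarif(sarif_doc)}
    if started_at is not None:
        body["started_at"] = started_at
    if tool_name is not None:
        body["tool_name"] = tool_name
    return body


# Constructed sample: a minimal SARIF 2.1.0 log with one run and no results.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{"tool": {"driver": {"name": "example-scanner"}}, "results": []}],
}
SAMPLE_BODY = build_upload_body("a" * 40, "refs/heads/main", SAMPLE_SARIF,
                                started_at="2024-01-01T00:00:00Z")
```

The resulting dictionary holds only the body parameters; `owner` and `repo` are path parameters and are supplied alongside it.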