From c48cd247df861d9ba3bc6d36ab6cbc5c386f47fc Mon Sep 17 00:00:00 2001
From: "Michael B. Gale" <mbg@github.com>
Date: Wed, 11 Feb 2026 23:51:07 +0000
Subject: [PATCH] Add `assessment_id` to CSRA payload

---
 .github/workflows/__analysis-kinds.yml |  1 +
 lib/analyze-action.js                  |  6 +++++-
 lib/init-action-post.js                |  6 +++++-
 lib/upload-lib.js                      |  6 +++++-
 lib/upload-sarif-action.js             |  6 +++++-
 pr-checks/checks/analysis-kinds.yml    |  1 +
 src/analyses.ts                        | 15 ++++++++++++---
 src/upload-lib/types.ts                |  4 ++++
 8 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/__analysis-kinds.yml b/.github/workflows/__analysis-kinds.yml
index a4f21d510..b36a0bceb 100644
--- a/.github/workflows/__analysis-kinds.yml
+++ b/.github/workflows/__analysis-kinds.yml
@@ -130,6 +130,7 @@ jobs:
         with:
           script: ${{ env.CHECK_SCRIPT }}
     env:
+      CODEQL_ACTION_CSRA_ASSESSMENT_ID: 1
       CHECK_SCRIPT: |
         const fs = require('fs');
 
diff --git a/lib/analyze-action.js b/lib/analyze-action.js
index be8cca241..b22097055 100644
--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
@@ -106510,6 +106510,10 @@ var CodeQuality = {
   sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_",
   transformPayload: (payload) => payload
 };
+function addAssessmentId(payload) {
+  const assessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID");
+  return { ...payload, assessment_id: assessmentId };
+}
 var CSRA = {
   kind: "csra" /* CSRA */,
   name: "csra",
@@ -106518,7 +106522,7 @@ var CSRA = {
   sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension),
   fixCategory: fixCodeQualityCategory,
   sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_",
-  transformPayload: (payload) => payload
+  transformPayload: addAssessmentId
 };
 function getAnalysisConfig(kind) {
   switch (kind) {
diff --git a/lib/init-action-post.js b/lib/init-action-post.js
index c6a159158..45b490f7f 100644
--- a/lib/init-action-post.js
+++ b/lib/init-action-post.js
@@ -164569,6 +164569,10 @@ var CodeQuality = {
   sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_",
   transformPayload: (payload) => payload
 };
+function addAssessmentId(payload) {
+  const assessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID");
+  return { ...payload, assessment_id: assessmentId };
+}
 var CSRA = {
   kind: "csra" /* CSRA */,
   name: "csra",
@@ -164577,7 +164581,7 @@ var CSRA = {
   sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension),
   fixCategory: fixCodeQualityCategory,
   sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_",
-  transformPayload: (payload) => payload
+  transformPayload: addAssessmentId
 };
 
 // src/config/db-config.ts
diff --git a/lib/upload-lib.js b/lib/upload-lib.js
index ed56953ba..550606b15 100644
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -106165,6 +106165,10 @@ var CodeQuality = {
   sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_",
   transformPayload: (payload) => payload
 };
+function addAssessmentId(payload) {
+  const assessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID");
+  return { ...payload, assessment_id: assessmentId };
+}
 var CSRA = {
   kind: "csra" /* CSRA */,
   name: "csra",
@@ -106173,7 +106177,7 @@ var CSRA = {
   sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension),
   fixCategory: fixCodeQualityCategory,
   sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_",
-  transformPayload: (payload) => payload
+  transformPayload: addAssessmentId
 };
 var SarifScanOrder = [
   CSRA,
diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js
index 14cef2738..b50d9322a 100644
--- a/lib/upload-sarif-action.js
+++ b/lib/upload-sarif-action.js
@@ -106203,6 +106203,10 @@ var CodeQuality = {
   sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_",
   transformPayload: (payload) => payload
 };
+function addAssessmentId(payload) {
+  const assessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID");
+  return { ...payload, assessment_id: assessmentId };
+}
 var CSRA = {
   kind: "csra" /* CSRA */,
   name: "csra",
@@ -106211,7 +106215,7 @@ var CSRA = {
   sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension),
   fixCategory: fixCodeQualityCategory,
   sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_",
-  transformPayload: (payload) => payload
+  transformPayload: addAssessmentId
 };
 function getAnalysisConfig(kind) {
   switch (kind) {
diff --git a/pr-checks/checks/analysis-kinds.yml b/pr-checks/checks/analysis-kinds.yml
index 86344eeb2..18483e6e1 100644
--- a/pr-checks/checks/analysis-kinds.yml
+++ b/pr-checks/checks/analysis-kinds.yml
@@ -3,6 +3,7 @@ description: "Tests basic functionality for different `analysis-kinds` inputs."
 versions: ["linked", "nightly-latest"]
 analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality", "csra"]
 env:
+  CODEQL_ACTION_CSRA_ASSESSMENT_ID: 1
   CHECK_SCRIPT: |
     const fs = require('fs');
 
diff --git a/src/analyses.ts b/src/analyses.ts
index 39486cab9..dd60c54ed 100644
--- a/src/analyses.ts
+++ b/src/analyses.ts
@@ -4,8 +4,8 @@ import {
   getRequiredInput,
 } from "./actions-util";
 import { Logger } from "./logging";
-import { UploadPayload } from "./upload-lib/types";
-import { ConfigurationError } from "./util";
+import { AssessmentPayload, UploadPayload } from "./upload-lib/types";
+import { ConfigurationError, getRequiredEnvParam } from "./util";
 
 export enum AnalysisKind {
   CodeScanning = "code-scanning",
@@ -178,6 +178,15 @@ export const CodeQuality: AnalysisConfig = {
   transformPayload: (payload) => payload,
 };
 
+/**
+ * Retrieves the CSRA assessment id from an environment variable and adds it to the payload.
+ * @param payload The base payload.
+ */
+function addAssessmentId(payload: UploadPayload): AssessmentPayload {
+  const assessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID");
+  return { ...payload, assessment_id: assessmentId };
+}
+
 export const CSRA: AnalysisConfig = {
   kind: AnalysisKind.CSRA,
   name: "csra",
@@ -186,7 +195,7 @@ export const CSRA: AnalysisConfig = {
   sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension),
   fixCategory: fixCodeQualityCategory,
   sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_",
-  transformPayload: (payload) => payload,
+  transformPayload: addAssessmentId,
 };
 
 /**
diff --git a/src/upload-lib/types.ts b/src/upload-lib/types.ts
index b86107557..8a6c27450 100644
--- a/src/upload-lib/types.ts
+++ b/src/upload-lib/types.ts
@@ -13,3 +13,7 @@ export interface UploadPayload {
   base_ref?: string;
   base_sha?: string;
 }
+
+export interface AssessmentPayload extends UploadPayload {
+  assessment_id: string;
+}