robojerk/codeql-action

Use --codescanning-config flag of CLI

Browse source
This commit is contained in:
Edoardo Pirovano 2021-11-23 14:37:57 +00:00
parent ef024e702c
commit 0d87b8c615
No known key found for this signature in database
GPG key ID: 047556B5D93FFE28
6 changed files with 50 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

27
lib/codeql.js generated
View file

@ -27,6 +27,7 @@ const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
const yaml = __importStar(require("js-yaml"));
const query_string_1 = __importDefault(require("query-string"));
const semver = __importStar(require("semver"));
const actions_util_1 = require("./actions-util");
@ -74,6 +75,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
exports.CODEQL_VERSION_COUNTS_LINES = "2.6.2";
const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
const CODEQL_VERSION_CONFIG_FILES = "2.7.3";
exports.CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
/**
* This variable controls using the new style of tracing from the CodeQL
@ -428,22 +430,30 @@ async function getCodeQLForCmd(cmd, checkVersion) {
...getExtraOptionsFromEnv(["database", "init"]),
]);
},
async databaseInitCluster(databasePath, languages, sourceRoot, processName, processLevel) {
const extraArgs = languages.map((language) => `--language=${language}`);
if (languages.filter(languages_1.isTracedLanguage).length > 0) {
async databaseInitCluster(config, sourceRoot, processName, processLevel) {
const extraArgs = config.languages.map((language) => `--language=${language}`);
if (config.languages.filter(languages_1.isTracedLanguage).length > 0) {
extraArgs.push("--begin-tracing");
if (processName !== undefined) {
extraArgs.push(`--trace-process-name=${processName}`);
}
else {
// We default to 3 if no other arguments are provided since this was the default
// behaviour of the Runner. Note this path never happens in the CodeQL Action
// because that always passes in a process name.
extraArgs.push(`--trace-process-level=${processLevel || 3}`);
}
}
if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES)) {
const configLocation = path.resolve(config.tempDir, "user-config.yaml");
fs.writeFileSync(configLocation, yaml.dump(config.originalUserInput));
extraArgs.push(`--codescanning-config=${configLocation}`);
}
await runTool(cmd, [
"database",
"init",
"--db-cluster",
databasePath,
config.dbLocation,
`--source-root=${sourceRoot}`,
...extraArgs,
...getExtraOptionsFromEnv(["database", "init"]),
@ -559,7 +569,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
if (extraSearchPath !== undefined) {
codeqlArgs.push("--additional-packs", extraSearchPath);
}
codeqlArgs.push(querySuitePath);
if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
codeqlArgs.push(querySuitePath);
}
await runTool(cmd, codeqlArgs);
},
async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, automationDetailsId) {
@ -585,7 +597,10 @@ async function getCodeQLForCmd(cmd, checkVersion) {
(await util.codeQlVersionAbove(this, CODEQL_VERSION_SARIF_GROUP))) {
codeqlArgs.push("--sarif-category", automationDetailsId);
}
codeqlArgs.push(databasePath, ...querySuitePaths);
codeqlArgs.push(databasePath);
if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
codeqlArgs.push(...querySuitePaths);
}
// capture stdout, which contains analysis summaries
return await runTool(cmd, codeqlArgs);
},