robojerk/codeql-action

Merge branch 'main' into issue-1589-config-param

Browse source
This commit is contained in:
Tugdual Grall 2023-04-10 07:33:09 +02:00 committed by GitHub
commit 18f13455eb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
119 changed files with 527 additions and 292 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/analyze-action-post.ts
View file

@ -7,13 +7,15 @@ import * as core from "@actions/core";
import * as analyzeActionPostHelper from "./analyze-action-post-helper";
import * as debugArtifacts from "./debug-artifacts";
import { wrapError } from "./util";
async function runWrapper() {
try {
await analyzeActionPostHelper.run(debugArtifacts.uploadSarifDebugArtifact);
} catch (error) {
core.setFailed(`analyze post-action step failed: ${error}`);
console.log(error);
core.setFailed(
`analyze post-action step failed: ${wrapError(error).message}`
);
}
}

9
src/analyze-action.ts
View file

@ -31,7 +31,7 @@ import { getTotalCacheSize, uploadTrapCaches } from "./trap-caching";
import * as upload_lib from "./upload-lib";
import { UploadResult } from "./upload-lib";
import * as util from "./util";
import { checkForTimeout } from "./util";
import { checkForTimeout, wrapError } from "./util";
interface AnalysisStatusReport
extends upload_lib.UploadStatusReport,
@ -313,9 +313,8 @@ async function run() {
CODEQL_ACTION_ANALYZE_DID_COMPLETE_SUCCESSFULLY,
"true"
);
} catch (origError) {
const error =
origError instanceof Error ? origError : new Error(String(origError));
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
if (
actionsUtil.getOptionalInput("expect-error") !== "true" ||
hasBadExpectErrorInput()
@ -396,7 +395,7 @@ async function runWrapper() {
try {
await runPromise;
} catch (error) {
core.setFailed(`analyze action failed: ${error}`);
core.setFailed(`analyze action failed: ${wrapError(error).message}`);
}
await checkForTimeout();
}

19
src/autobuild-action.ts
View file

@ -15,7 +15,11 @@ import * as configUtils from "./config-utils";
import { Language } from "./languages";
import { getActionsLogger } from "./logging";
import { CODEQL_ACTION_DID_AUTOBUILD_GOLANG } from "./shared-environment";
import { checkGitHubVersionInRange, initializeEnvironment } from "./util";
import {
checkGitHubVersionInRange,
initializeEnvironment,
wrapError,
} from "./util";
interface AutobuildStatusReport extends StatusReportBase {
/** Comma-separated set of languages being auto-built. */
@ -89,18 +93,16 @@ async function run() {
}
}
}
} catch (error) {
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
core.setFailed(
`We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps. ${
error instanceof Error ? error.message : String(error)
}`
`We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps. ${error.message}`
);
console.log(error);
await sendCompletedStatusReport(
startedAt,
languages ?? [],
currentLanguage,
error instanceof Error ? error : new Error(String(error))
error
);
return;
}
@ -112,8 +114,7 @@ async function runWrapper() {
try {
await run();
} catch (error) {
core.setFailed(`autobuild action failed. ${error}`);
console.log(error);
core.setFailed(`autobuild action failed. ${wrapError(error).message}`);
}
}

4
src/codeql.test.ts
View file

@ -554,13 +554,13 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t)
tagName: "codeql-bundle-20230203",
});
mockDownloadApi({
repo: "dsp-testing/codeql-cli-nightlies",
repo: "codeql-testing/codeql-cli-nightlies",
platformSpecific: false,
tagName: "codeql-bundle-20230203",
});
const result = await codeql.setupCodeQL(
"https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz",
"https://github.com/codeql-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz",
sampleApiDetails,
tmpDir,
util.GitHubVariant.DOTCOM,

30
src/codeql.ts
View file

@ -25,6 +25,7 @@ import {
getTrapCachingExtractorConfigArgsForLang,
} from "./trap-caching";
import * as util from "./util";
import { wrapError } from "./util";
type Options = Array<string | number | boolean>;
@ -371,7 +372,7 @@ export async function setupCodeQL(
toolsVersion,
};
} catch (e) {
logger.error(e instanceof Error ? e : new Error(String(e)));
logger.error(wrapError(e).message);
throw new Error("Unable to download and extract CodeQL CLI");
}
}
@ -878,7 +879,9 @@ export async function getCodeQLForCmd(
Feature.ExportDiagnosticsEnabled,
this
);
const codeqlOutputFile = shouldExportDiagnostics
// Update this to take into account the CodeQL version when we have a version with the fix.
const shouldWorkaroundInvalidNotifications = shouldExportDiagnostics;
const codeqlOutputFile = shouldWorkaroundInvalidNotifications
? path.join(config.tempDir, "codeql-intermediate-results.sarif")
: sarifFile;
const codeqlArgs = [
@ -924,7 +927,7 @@ export async function getCodeQLForCmd(
errorMatchers
);
if (shouldExportDiagnostics) {
if (shouldWorkaroundInvalidNotifications) {
util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
}
@ -1027,17 +1030,18 @@ export async function getCodeQLForCmd(
tempDir: string,
logger: Logger
): Promise<void> {
const intermediateSarifFile = path.join(
tempDir,
"codeql-intermediate-results.sarif"
);
// Update this to take into account the CodeQL version when we have a version with the fix.
const shouldWorkaroundInvalidNotifications = true;
const codeqlOutputFile = shouldWorkaroundInvalidNotifications
? path.join(tempDir, "codeql-intermediate-results.sarif")
: sarifFile;
const args = [
"database",
"export-diagnostics",
`${databasePath}`,
"--db-cluster", // Database is always a cluster for CodeQL versions that support diagnostics.
"--format=sarif-latest",
`--output=${intermediateSarifFile}`,
`--output=${codeqlOutputFile}`,
"--sarif-include-diagnostics", // ExportDiagnosticsEnabled is always true if this command is run.
"-vvv",
...getExtraOptionsFromEnv(["diagnostics", "export"]),
@ -1047,12 +1051,10 @@ export async function getCodeQLForCmd(
}
await new toolrunner.ToolRunner(cmd, args).exec();
// Fix invalid notifications in the SARIF file output by CodeQL.
util.fixInvalidNotificationsInFile(
intermediateSarifFile,
sarifFile,
logger
);
if (shouldWorkaroundInvalidNotifications) {
// Fix invalid notifications in the SARIF file output by CodeQL.
util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
}
},
async diagnosticsExport(
sarifFile: string,

10
src/config-utils.test.ts
View file

@ -2412,7 +2412,7 @@ test("downloadPacks-with-registries", async (t) => {
{
// no slash
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
@ -2502,7 +2502,7 @@ test("downloadPacks-with-registries fails on 2.10.3", async (t) => {
const registriesInput = yaml.dump([
{
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
@ -2544,7 +2544,7 @@ test("downloadPacks-with-registries fails with invalid registries block", async
const registriesInput = yaml.dump([
{
// missing url property
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
@ -2583,7 +2583,7 @@ test("no generateRegistries when CLI is too old", async (t) => {
{
// no slash
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
]);
@ -2632,7 +2632,7 @@ test("generateRegistries prefers original CODEQL_REGISTRIES_AUTH", async (t) =>
const registriesInput = yaml.dump([
{
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
]);

8
src/defaults.json
View file

@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-20230317",
"cliVersion": "2.12.5",
"priorBundleVersion": "codeql-bundle-20230304",
"priorCliVersion": "2.12.4"
"bundleVersion": "codeql-bundle-20230403",
"cliVersion": "2.12.6",
"priorBundleVersion": "codeql-bundle-20230317",
"priorCliVersion": "2.12.5"
}

14
src/init-action-post-helper.ts
View file

@ -8,7 +8,12 @@ import { Logger } from "./logging";
import { RepositoryNwo } from "./repository";
import { CODEQL_ACTION_ANALYZE_DID_COMPLETE_SUCCESSFULLY } from "./shared-environment";
import * as uploadLib from "./upload-lib";
import { getRequiredEnvParam, isInTestMode, parseMatrixInput } from "./util";
import {
getRequiredEnvParam,
isInTestMode,
parseMatrixInput,
wrapError,
} from "./util";
import {
getCategoryInputOrThrow,
getCheckoutPathInputOrThrow,
@ -28,11 +33,10 @@ export interface UploadFailedSarifResult extends uploadLib.UploadStatusReport {
function createFailedUploadFailedSarifResult(
error: unknown
): UploadFailedSarifResult {
const wrappedError = wrapError(error);
return {
upload_failed_run_error:
error instanceof Error ? error.message : String(error),
upload_failed_run_stack_trace:
error instanceof Error ? error.stack : undefined,
upload_failed_run_error: wrappedError.message,
upload_failed_run_stack_trace: wrappedError.stack,
};
}

18
src/init-action-post.ts
View file

@ -20,7 +20,11 @@ import { Features } from "./feature-flags";
import * as initActionPostHelper from "./init-action-post-helper";
import { getActionsLogger } from "./logging";
import { parseRepositoryNwo } from "./repository";
import { checkGitHubVersionInRange, getRequiredEnvParam } from "./util";
import {
checkGitHubVersionInRange,
getRequiredEnvParam,
wrapError,
} from "./util";
interface InitPostStatusReport
extends StatusReportBase,
@ -54,17 +58,17 @@ async function runWrapper() {
features,
logger
);
} catch (e) {
core.setFailed(e instanceof Error ? e.message : String(e));
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
core.setFailed(error.message);
console.log(e);
await sendStatusReport(
await createStatusReportBase(
"init-post",
getActionsStatus(e),
getActionsStatus(error),
startedAt,
String(e),
e instanceof Error ? e.stack : undefined
error.message,
error.stack
)
);
return;

54
src/init-action.ts
View file

@ -3,7 +3,6 @@ import * as path from "path";
import * as core from "@actions/core";
import {
ActionStatus,
createStatusReportBase,
getActionsStatus,
getActionVersion,
@ -46,6 +45,7 @@ import {
GitHubVariant,
initializeEnvironment,
isHostedRunner,
wrapError,
} from "./util";
import { validateWorkflow } from "./workflow";
@ -95,20 +95,22 @@ interface InitToolsDownloadFields {
tools_feature_flags_valid?: boolean;
}
async function sendInitStatusReport(
actionStatus: ActionStatus,
async function sendCompletedStatusReport(
startedAt: Date,
config: configUtils.Config | undefined,
toolsDownloadDurationMs: number | undefined,
toolsFeatureFlagsValid: boolean | undefined,
toolsSource: ToolsSource,
toolsVersion: string,
logger: Logger
logger: Logger,
error?: Error
) {
const statusReportBase = await createStatusReportBase(
"init",
actionStatus,
startedAt
getActionsStatus(error),
startedAt,
error?.message,
error?.stack
);
const workflowLanguages = getOptionalInput("languages");
@ -284,19 +286,24 @@ async function run() {
) {
try {
await installPythonDeps(codeql, logger);
} catch (err) {
const message = err instanceof Error ? err.message : String(err);
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
logger.warning(
`${message} You can call this action with 'setup-python-dependencies: false' to disable this process`
`${error.message} You can call this action with 'setup-python-dependencies: false' to disable this process`
);
}
}
} catch (e) {
const message = e instanceof Error ? e.message : String(e);
core.setFailed(message);
console.log(e);
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
core.setFailed(error.message);
await sendStatusReport(
await createStatusReportBase("init", "aborted", startedAt, message)
await createStatusReportBase(
"init",
"aborted",
startedAt,
error.message,
error.stack
)
);
return;
}
@ -366,24 +373,22 @@ async function run() {
}
core.setOutput("codeql-path", config.codeQLCmd);
} catch (error) {
core.setFailed(String(error));
console.log(error);
await sendInitStatusReport(
getActionsStatus(error),
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
core.setFailed(error.message);
await sendCompletedStatusReport(
startedAt,
config,
toolsDownloadDurationMs,
toolsFeatureFlagsValid,
toolsSource,
toolsVersion,
logger
logger,
error
);
return;
}
await sendInitStatusReport(
"success",
await sendCompletedStatusReport(
startedAt,
config,
toolsDownloadDurationMs,
@ -410,8 +415,7 @@ async function runWrapper() {
try {
await run();
} catch (error) {
core.setFailed(`init action failed: ${error}`);
console.log(error);
core.setFailed(`init action failed: ${wrapError(error).message}`);
}
await checkForTimeout();
}

4
src/setup-codeql.test.ts
View file

@ -8,7 +8,7 @@ import * as api from "./api-client";
import { getRunnerLogger } from "./logging";
import * as setupCodeql from "./setup-codeql";
import { setupTests } from "./testing-utils";
import { initializeEnvironment } from "./util";
import { initializeEnvironment, wrapError } from "./util";
setupTests(test);
@ -43,7 +43,7 @@ test("convert to semver", (t) => {
);
t.deepEqual(parsedVersion, expectedVersion);
} catch (e) {
t.fail(e instanceof Error ? e.message : String(e));
t.fail(wrapError(e).message);
}
}
});

4
src/setup-codeql.ts
View file

@ -18,7 +18,7 @@ import { CodeQLDefaultVersionInfo } from "./feature-flags";
import { ToolsSource } from "./init";
import { Logger } from "./logging";
import * as util from "./util";
import { isGoodVersion } from "./util";
import { isGoodVersion, wrapError } from "./util";
export const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
@ -145,7 +145,7 @@ export async function tryFindCliVersionDotcomOnly(
} catch (e) {
logger.debug(
`Failed to find the CLI version for the CodeQL bundle tagged ${tagName}. ${
e instanceof Error ? e.message : e
wrapError(e).message
}`
);
return undefined;

4
src/toolrunner-error-catcher.ts
View file

@ -3,6 +3,7 @@ import * as toolrunner from "@actions/exec/lib/toolrunner";
import * as safeWhich from "@chrisgavin/safe-which";
import { ErrorMatcher } from "./error-matcher";
import { wrapError } from "./util";
export interface ReturnState {
exitCode: number;
@ -81,7 +82,6 @@ export async function toolrunnerErrorCatcher(
);
}
} catch (e) {
const error = e instanceof Error ? e : new Error(String(e));
throw error;
throw wrapError(e);
}
}

6
src/upload-lib.ts
View file

@ -15,7 +15,7 @@ import { Logger } from "./logging";
import { parseRepositoryNwo, RepositoryNwo } from "./repository";
import { CODEQL_WORKFLOW_STARTED_AT } from "./shared-environment";
import * as util from "./util";
import { SarifFile, SarifResult, SarifRun } from "./util";
import { SarifFile, SarifResult, SarifRun, wrapError } from "./util";
import * as workflow from "./workflow";
// Takes a list of paths to sarif files and combines them together,
@ -204,9 +204,7 @@ export function countResultsInSarif(sarif: string): number {
parsedSarif = JSON.parse(sarif);
} catch (e) {
throw new Error(
`Invalid SARIF. JSON syntax error: ${
e instanceof Error ? e.message : String(e)
}`
`Invalid SARIF. JSON syntax error: ${wrapError(e).message}`
);
}
if (!Array.isArray(parsedSarif.runs)) {

14
src/upload-sarif-action.ts
View file

@ -9,6 +9,7 @@ import {
getRequiredEnvParam,
initializeEnvironment,
isInTestMode,
wrapError,
} from "./util";
interface UploadSarifStatusReport
@ -66,9 +67,9 @@ async function run() {
);
}
await sendSuccessStatusReport(startedAt, uploadResult.statusReport);
} catch (error) {
const message = error instanceof Error ? error.message : String(error);
const stack = error instanceof Error ? error.stack : String(error);
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
const message = error.message;
core.setFailed(message);
console.log(error);
await actionsUtil.sendStatusReport(
@ -77,7 +78,7 @@ async function run() {
actionsUtil.getActionsStatus(error),
startedAt,
message,
stack
error.stack
)
);
return;
@ -88,8 +89,9 @@ async function runWrapper() {
try {
await run();
} catch (error) {
core.setFailed(`codeql/upload-sarif action failed: ${error}`);
console.log(error);
core.setFailed(
`codeql/upload-sarif action failed: ${wrapError(error).message}`
);
}
}

6
src/util.test.ts
View file

@ -441,7 +441,11 @@ test("fixInvalidNotifications leaves notifications with unique locations alone",
getRecordingLogger(messages)
);
t.deepEqual(result, createMockSarifWithNotification([stubLocation]));
t.is(messages.length, 0);
t.is(messages.length, 1);
t.deepEqual(messages[0], {
type: "debug",
message: "No duplicate locations found in SARIF notification objects.",
});
});
test("fixInvalidNotifications removes duplicate locations", (t) => {

12
src/util.ts
View file

@ -113,10 +113,10 @@ export function getExtraOptionsEnvParam(): object {
}
try {
return JSON.parse(raw);
} catch (e) {
const message = e instanceof Error ? e.message : String(e);
} catch (unwrappedError) {
const error = wrapError(unwrappedError);
throw new Error(
`${varName} environment variable is set, but does not contain valid JSON: ${message}`
`${varName} environment variable is set, but does not contain valid JSON: ${error.message}`
);
}
}
@ -875,6 +875,8 @@ export function fixInvalidNotifications(
`Removed ${numDuplicateLocationsRemoved} duplicate locations from SARIF notification ` +
"objects."
);
} else {
logger.debug("No duplicate locations found in SARIF notification objects.");
}
return newSarif;
}
@ -888,3 +890,7 @@ export function fixInvalidNotificationsInFile(
sarif = fixInvalidNotifications(sarif, logger);
fs.writeFileSync(outputPath, JSON.stringify(sarif));
}
export function wrapError(error: unknown): Error {
return error instanceof Error ? error : new Error(String(error));
}