robojerk/codeql-action

Analyze: Log the analysis summary in its own group

Browse source 
Fix grouping of the analysis logs, so that custom query logs also get grouped.
Capture the stdout of codeql database analyze, which contains the analysis summary
from summary and diagnostic queries.
Log this output in its own group, along with the baseline computed in the Action.
This commit is contained in:
Aditya Sharad 2021-05-19 16:01:06 -07:00
parent 6a9815718a
commit 19fe63f821
No known key found for this signature in database
GPG key ID: 66D1E528054C320C
10 changed files with 51 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/analyze.test.ts
View file

@ -76,6 +76,7 @@ test("status report fields and search path setting", async (t) => {
})
);
searchPathsUsed.push(searchPath!);
return "";
},
});

19
src/analyze.ts
View file

@ -169,15 +169,17 @@ export async function runQueries(
}
try {
let analysisSummary = "";
if (queries["builtin"].length > 0) {
const startTimeBuliltIn = new Date().getTime();
const sarifFile = await runQueryGroup(
const { sarifFile, stdout } = await runQueryGroup(
language,
"builtin",
queries["builtin"],
sarifFolder,
undefined
);
analysisSummary = stdout;
await injectLinesOfCode(sarifFile, language, locPromise);
statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
@ -188,7 +190,7 @@ export async function runQueries(
const temporarySarifFiles: string[] = [];
for (let i = 0; i < queries["custom"].length; ++i) {
if (queries["custom"][i].queries.length > 0) {
const sarifFile = await runQueryGroup(
const { sarifFile } = await runQueryGroup(
language,
`custom-${i}`,
queries["custom"][i].queries,
@ -206,8 +208,13 @@ export async function runQueries(
statusReport[`analyze_custom_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeCustom;
}
logger.endGroup();
// Print the LoC baseline and the summary results from database analyze.
logger.startGroup(`Analysis summary for ${language}`);
printLinesOfCodeSummary(logger, language, await locPromise);
logger.info(analysisSummary);
logger.endGroup();
} catch (e) {
logger.info(e);
statusReport.analyze_failure_language = language;
@ -226,7 +233,7 @@ export async function runQueries(
queries: string[],
destinationFolder: string,
searchPath: string | undefined
): Promise<string> {
): Promise<{ sarifFile: string; stdout: string }> {
const databasePath = util.getCodeQLDatabasePath(config, language);
// Pass the queries to codeql using a file instead of using the command
// line to avoid command line length restrictions, particularly on windows.
@ -240,7 +247,7 @@ export async function runQueries(
const sarifFile = path.join(destinationFolder, `${language}-${type}.sarif`);
const codeql = getCodeQL(config.codeQLCmd);
await codeql.databaseAnalyze(
const databaseAnalyzeStdout = await codeql.databaseAnalyze(
databasePath,
sarifFile,
searchPath,
@ -254,9 +261,7 @@ export async function runQueries(
logger.debug(
`SARIF results for database ${language} created at "${sarifFile}"`
);
logger.endGroup();
return sarifFile;
return { sarifFile, stdout: databaseAnalyzeStdout };
}
}

15
src/codeql.ts
View file

@ -96,7 +96,7 @@ export interface CodeQL {
addSnippetsFlag: string,
threadsFlag: string,
automationDetailsId: string | undefined
): Promise<void>;
): Promise<string>;
}
export interface ResolveQueriesOutput {
@ -688,7 +688,7 @@ function getCodeQLForCmd(cmd: string): CodeQL {
addSnippetsFlag: string,
threadsFlag: string,
automationDetailsId: string | undefined
) {
): Promise<string> {
const args = [
"database",
"analyze",
@ -712,7 +712,16 @@ function getCodeQLForCmd(cmd: string): CodeQL {
args.push("--sarif-category", automationDetailsId);
}
args.push(querySuite);
await new toolrunner.ToolRunner(cmd, args).exec();
// capture stdout, which contains analysis summaries
let output = "";
await new toolrunner.ToolRunner(cmd, args, {
listeners: {
stdout: (data: Buffer) => {
output += data.toString();
},
},
}).exec();
return output;
},
};
}