Revert "Revert usage of --codescanning-config flag"

This reverts commit 43d066495c.
2022-06-16 18:10:13 -07:00 · 2022-06-16 18:10:13 -07:00 · 237260b693
commit 237260b693
parent e8c48cc8cf
7 changed files with 76 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -42,6 +42,7 @@ No user facing changes.
 ## 2.1.7 - 05 Apr 2022

 - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018)
+No user facing changes.

 ## 2.1.6 - 30 Mar 2022

--- a/lib/analyze.js
+++ b/lib/analyze.js
@ -137,7 +137,8 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
        }
        const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
        try {
-            if (hasPackWithCustomQueries) {
+            if (hasPackWithCustomQueries &&
+                !(await util.codeQlVersionAbove(codeql, codeql_1.CODEQL_VERSION_CONFIG_FILES))) {
                logger.info("Performing analysis with custom CodeQL Packs.");
                logger.startGroup(`Downloading custom packs for ${language}`);
                const results = await codeql.packDownload(packsWithVersion);
--- a/lib/analyze.js.map
+++ b/lib/analyze.js.map
--- a/lib/codeql.js
+++ b/lib/codeql.js
@ -22,11 +22,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_ML_POWERED_QUERIES = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_ML_POWERED_QUERIES = exports.CODEQL_VERSION_CONFIG_FILES = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
+const yaml = __importStar(require("js-yaml"));
 const query_string_1 = __importDefault(require("query-string"));
 const semver = __importStar(require("semver"));
 const actions_util_1 = require("./actions-util");
@ -76,6 +77,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 exports.CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+exports.CODEQL_VERSION_CONFIG_FILES = "2.8.2"; // Versions before 2.8.2 weren't tolerant to unknown properties
 exports.CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
 /**
@ -484,6 +486,27 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                    }
                }
            }
+            if (await util.codeQlVersionAbove(codeql, exports.CODEQL_VERSION_CONFIG_FILES)) {
+                const configLocation = path.resolve(config.tempDir, "user-config.yaml");
+                const augmentedConfig = config.originalUserInput;
+                if (config.injectedMlQueries) {
+                    // We need to inject the ML queries into the original user input before
+                    // we pass this on to the CLI, to make sure these get run.
+                    const packString = await util.getMlPoweredJsQueriesPack(codeql);
+                    if (augmentedConfig.packs === undefined)
+                        augmentedConfig.packs = [];
+                    if (Array.isArray(augmentedConfig.packs)) {
+                        augmentedConfig.packs.push(packString);
+                    }
+                    else {
+                        if (!augmentedConfig.packs.javascript)
+                            augmentedConfig.packs["javascript"] = [];
+                        augmentedConfig.packs["javascript"].push(packString);
+                    }
+                }
+                fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
+                extraArgs.push(`--codescanning-config=${configLocation}`);
+            }
            await runTool(cmd, [
                "database",
                "init",
@ -614,7 +637,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            if (extraSearchPath !== undefined) {
                codeqlArgs.push("--additional-packs", extraSearchPath);
            }
-            codeqlArgs.push(querySuitePath);
+            if (!(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_CONFIG_FILES))) {
+                codeqlArgs.push(querySuitePath);
+            }
            await runTool(cmd, codeqlArgs);
        },
        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, automationDetailsId) {
@ -641,7 +666,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                codeqlArgs.push("--sarif-category", automationDetailsId);
            }
            codeqlArgs.push(databasePath);
-            codeqlArgs.push(...querySuitePaths);
+            if (!(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_CONFIG_FILES))) {
+                codeqlArgs.push(...querySuitePaths);
+            }
            // capture stdout, which contains analysis summaries
            return await runTool(cmd, codeqlArgs);
        },
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/src/analyze.ts
+++ b/src/analyze.ts
@ -8,6 +8,7 @@ import * as yaml from "js-yaml";
 import * as analysisPaths from "./analysis-paths";
 import {
  CodeQL,
+  CODEQL_VERSION_CONFIG_FILES,
  CODEQL_VERSION_COUNTS_LINES,
  CODEQL_VERSION_NEW_TRACING,
  getCodeQL,
@ -243,7 +244,10 @@ export async function runQueries(

    const codeql = await getCodeQL(config.codeQLCmd);
    try {
-      if (hasPackWithCustomQueries) {
+      if (
+        hasPackWithCustomQueries &&
+        !(await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES))
+      ) {
        logger.info("Performing analysis with custom CodeQL Packs.");
        logger.startGroup(`Downloading custom packs for ${language}`);

--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -4,6 +4,7 @@ import * as path from "path";

 import * as toolrunner from "@actions/exec/lib/toolrunner";
 import { default as deepEqual } from "fast-deep-equal";
+import * as yaml from "js-yaml";
 import { default as queryString } from "query-string";
 import * as semver from "semver";

@ -225,6 +226,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 export const CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+export const CODEQL_VERSION_CONFIG_FILES = "2.8.2"; // Versions before 2.8.2 weren't tolerant to unknown properties
 export const CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";

@ -761,6 +763,26 @@ async function getCodeQLForCmd(
          }
        }
      }
+      if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES)) {
+        const configLocation = path.resolve(config.tempDir, "user-config.yaml");
+        const augmentedConfig = config.originalUserInput;
+        if (config.injectedMlQueries) {
+          // We need to inject the ML queries into the original user input before
+          // we pass this on to the CLI, to make sure these get run.
+          const packString = await util.getMlPoweredJsQueriesPack(codeql);
+
+          if (augmentedConfig.packs === undefined) augmentedConfig.packs = [];
+          if (Array.isArray(augmentedConfig.packs)) {
+            augmentedConfig.packs.push(packString);
+          } else {
+            if (!augmentedConfig.packs.javascript)
+              augmentedConfig.packs["javascript"] = [];
+            augmentedConfig.packs["javascript"].push(packString);
+          }
+        }
+        fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
+        extraArgs.push(`--codescanning-config=${configLocation}`);
+      }
      await runTool(cmd, [
        "database",
        "init",
@ -933,7 +955,9 @@ async function getCodeQLForCmd(
      if (extraSearchPath !== undefined) {
        codeqlArgs.push("--additional-packs", extraSearchPath);
      }
-      codeqlArgs.push(querySuitePath);
+      if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
+        codeqlArgs.push(querySuitePath);
+      }
      await runTool(cmd, codeqlArgs);
    },
    async databaseInterpretResults(
@ -969,7 +993,9 @@ async function getCodeQLForCmd(
        codeqlArgs.push("--sarif-category", automationDetailsId);
      }
      codeqlArgs.push(databasePath);
-      codeqlArgs.push(...querySuitePaths);
+      if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
+        codeqlArgs.push(...querySuitePaths);
+      }
      // capture stdout, which contains analysis summaries
      return await runTool(cmd, codeqlArgs);
    },