Upload per-database diagnostic SARIFs on green and red runs (#1556)

Co-authored-by: Henry Mercer <henry.mercer@me.com>
2023-03-20 14:09:04 -07:00 · 2023-03-20 14:09:04 -07:00 · 3cbd063679
commit 3cbd063679
parent b4fba292aa
28 changed files with 450 additions and 54 deletions
--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -185,6 +185,17 @@ export interface CodeQL {
   * Run 'codeql database print-baseline'.
   */
  databasePrintBaseline(databasePath: string): Promise<string>;
+  /**
+   * Run 'codeql database export-diagnostics'
+   *
+   * Note that the "--sarif-include-diagnostics" option is always used, as the command should
+   * only be run if the ExportDiagnosticsEnabled feature flag is on.
+   */
+  databaseExportDiagnostics(
+    databasePath: string,
+    sarifFile: string,
+    automationDetailsId: string | undefined
+  ): Promise<void>;
  /**
   * Run 'codeql diagnostics export'.
   */
@ -429,6 +440,10 @@ export function setCodeQL(partialCodeql: Partial<CodeQL>): CodeQL {
      partialCodeql,
      "databasePrintBaseline"
    ),
+    databaseExportDiagnostics: resolveFunction(
+      partialCodeql,
+      "databaseExportDiagnostics"
+    ),
    diagnosticsExport: resolveFunction(partialCodeql, "diagnosticsExport"),
  };
  return cachedCodeQL;
@ -880,6 +895,9 @@ export async function getCodeQLForCmd(
      ) {
        codeqlArgs.push("--sarif-add-baseline-file-info");
      }
+      if (await features.getValue(Feature.ExportDiagnosticsEnabled, this)) {
+        codeqlArgs.push("--sarif-include-diagnostics");
+      }
      codeqlArgs.push(databasePath);
      if (querySuitePaths) {
        codeqlArgs.push(...querySuitePaths);
@ -982,6 +1000,27 @@ export async function getCodeQLForCmd(
      ];
      await new toolrunner.ToolRunner(cmd, args).exec();
    },
+    async databaseExportDiagnostics(
+      databasePath: string,
+      sarifFile: string,
+      automationDetailsId: string | undefined
+    ): Promise<void> {
+      const args = [
+        "database",
+        "export-diagnostics",
+        `${databasePath}`,
+        "--db-cluster", // Database is always a cluster for CodeQL versions that support diagnostics.
+        "--format=sarif-latest",
+        `--output=${sarifFile}`,
+        "--sarif-include-diagnostics", // ExportDiagnosticsEnabled is always true if this command is run.
+        "-vvv",
+        ...getExtraOptionsFromEnv(["diagnostics", "export"]),
+      ];
+      if (automationDetailsId !== undefined) {
+        args.push("--sarif-category", automationDetailsId);
+      }
+      await new toolrunner.ToolRunner(cmd, args).exec();
+    },
    async diagnosticsExport(
      sarifFile: string,
      automationDetailsId: string | undefined,