Append / to end of registries url

Avoids a bug in 2.10.4. Also, add some better handling for invalid registries blocks.
2022-09-07 20:32:47 -07:00 · 2022-09-07 20:32:47 -07:00 · 6085805a3a
commit 6085805a3a
parent 59744464eb
7 changed files with 119 additions and 30 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -42,7 +42,7 @@ No user facing changes.
 ## 2.1.15 - 28 Jun 2022

 - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116)
- The combination of python2 and poetry is no longer supported. See https://github.com/actions/setup-python/issues/374 for more details. [#1124](https://github.com/github/codeql-action/pull/1124)
+- The combination of python2 and poetry is no longer supported. See <https://github.com/actions/setup-python/issues/374> for more details. [#1124](https://github.com/github/codeql-action/pull/1124)
 - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123)

 ## 2.1.14 - 22 Jun 2022
--- a/lib/config-utils.js
+++ b/lib/config-utils.js
@ -1049,9 +1049,14 @@ async function downloadPacks(codeQL, languages, packs, registries, apiDetails, t
 }
 exports.downloadPacks = downloadPacks;
 function createRegistriesBlock(registries) {
+    if (!Array.isArray(registries) ||
+        registries.some((r) => !r.url || !r.packages)) {
+        throw new Error("Invalid 'registries' input. Must be an array of objects with 'url' and 'packages' properties.");
+    }
    // be sure to remove the `token` field from the registry before writing it to disk.
    const safeRegistries = registries.map((registry) => ({
-        url: registry.url,
+        // ensure the url ends with a slash to avoid a bug in the CLI 2.10.4
+        url: !(registry === null || registry === void 0 ? void 0 : registry.url.endsWith("/")) ? `${registry.url}/` : registry.url,
        packages: registry.packages,
    }));
    const qlconfig = {
--- a/lib/config-utils.js.map
+++ b/lib/config-utils.js.map
--- a/lib/config-utils.test.js
+++ b/lib/config-utils.test.js
@ -1123,16 +1123,23 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
        const logger = (0, logging_1.getRunnerLogger)(true);
        const registries = [
            {
+                // no slash
                url: "http://ghcr.io",
                packages: ["codeql/*", "dsp-testing/*"],
                token: "not-a-token",
            },
            {
+                // with slash
                url: "https://containers.GHEHOSTNAME1/v2/",
                packages: "semmle/*",
                token: "still-not-a-token",
            },
        ];
+        // append a slash to the first url
+        const expectedRegistries = registries.map((r, i) => ({
+            packages: r.packages,
+            url: i === 0 ? `${r.url}/` : r.url,
+        }));
        const expectedConfigFile = path.join(tmpDir, "qlconfig.yml");
        const packDownloadStub = sinon.stub();
        packDownloadStub.callsFake((packs, configFile) => {
@ -1142,7 +1149,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
            t.deepEqual(process.env.CODEQL_REGISTRIES_AUTH, "http://ghcr.io=not-a-token,https://containers.GHEHOSTNAME1/v2/=still-not-a-token");
            // verify the config file contents were set correctly
            const config = yaml.load(fs.readFileSync(configFile, "utf8"));
-            t.deepEqual(config.registries, registries.map((r) => ({ url: r.url, packages: r.packages })));
+            t.deepEqual(config.registries, expectedRegistries);
            return {
                packs,
            };
@ -1196,10 +1203,35 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
            getVersion: () => Promise.resolve("2.10.3"),
        });
        await t.throwsAsync(async () => {
-            /* packs are supplied for go, java, and python*/
-            /* analyzed languages are java, javascript, and python*/
            return await configUtils.downloadPacks(codeQL, [languages_1.Language.javascript, languages_1.Language.java, languages_1.Language.python], {}, registries, sampleApiDetails, tmpDir, logger);
-        }, { instanceOf: Error }, "'registries' input is not supported on CodeQL versions less than 2.10.5.");
+        }, { instanceOf: Error }, "'registries' input is not supported on CodeQL versions less than 2.10.4.");
+    });
+});
+(0, ava_1.default)("downloadPacks-with-registries fails with invalid registries block", async (t) => {
+    // same thing, but this time include a registries block and
+    // associated env vars
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env.GITHUB_TOKEN = "not-a-token";
+        process.env.CODEQL_REGISTRIES_AUTH = "not-a-registries-auth";
+        const logger = (0, logging_1.getRunnerLogger)(true);
+        const registries = [
+            {
+                // missing url property
+                packages: ["codeql/*", "dsp-testing/*"],
+                token: "not-a-token",
+            },
+            {
+                url: "https://containers.GHEHOSTNAME1/v2/",
+                packages: "semmle/*",
+                token: "still-not-a-token",
+            },
+        ];
+        const codeQL = (0, codeql_1.setCodeQL)({
+            getVersion: () => Promise.resolve("2.10.4"),
+        });
+        await t.throwsAsync(async () => {
+            return await configUtils.downloadPacks(codeQL, [languages_1.Language.javascript, languages_1.Language.java, languages_1.Language.python], {}, registries, sampleApiDetails, tmpDir, logger);
+        }, { instanceOf: Error }, "Invalid 'registries' input. Must be an array of objects with 'url' and 'packages' properties.");
    });
 });
 //# sourceMappingURL=config-utils.test.js.map
--- a/lib/config-utils.test.js.map
+++ b/lib/config-utils.test.js.map
--- a/src/config-utils.test.ts
+++ b/src/config-utils.test.ts
@ -2277,17 +2277,25 @@ test("downloadPacks-with-registries", async (t) => {

    const registries = [
      {
+        // no slash
        url: "http://ghcr.io",
        packages: ["codeql/*", "dsp-testing/*"],
        token: "not-a-token",
      },
      {
+        // with slash
        url: "https://containers.GHEHOSTNAME1/v2/",
        packages: "semmle/*",
        token: "still-not-a-token",
      },
    ];

+    // append a slash to the first url
+    const expectedRegistries = registries.map((r, i) => ({
+      packages: r.packages,
+      url: i === 0 ? `${r.url}/` : r.url,
+    }));
+
    const expectedConfigFile = path.join(tmpDir, "qlconfig.yml");
    const packDownloadStub = sinon.stub();
    packDownloadStub.callsFake((packs, configFile) => {
@ -2303,10 +2311,7 @@ test("downloadPacks-with-registries", async (t) => {
      const config = yaml.load(fs.readFileSync(configFile, "utf8")) as {
        registries: configUtils.RegistryConfigNoCredentials[];
      };
-      t.deepEqual(
-        config.registries,
-        registries.map((r) => ({ url: r.url, packages: r.packages }))
-      );
+      t.deepEqual(config.registries, expectedRegistries);
      return {
        packs,
      };
@ -2375,24 +2380,61 @@ test("downloadPacks-with-registries fails on 2.10.3", async (t) => {
      getVersion: () => Promise.resolve("2.10.3"),
    });
    await t.throwsAsync(
-      async () =>
-        // packs are supplied for go, java, and python
-        // analyzed languages are java, javascript, and python
-        {
-          /* packs are supplied for go, java, and python*/
-          /* analyzed languages are java, javascript, and python*/
-          return await configUtils.downloadPacks(
-            codeQL,
-            [Language.javascript, Language.java, Language.python],
-            {},
-            registries,
-            sampleApiDetails,
-            tmpDir,
-            logger
-          );
-        },
+      async () => {
+        return await configUtils.downloadPacks(
+          codeQL,
+          [Language.javascript, Language.java, Language.python],
+          {},
+          registries,
+          sampleApiDetails,
+          tmpDir,
+          logger
+        );
+      },
      { instanceOf: Error },
-      "'registries' input is not supported on CodeQL versions less than 2.10.5."
+      "'registries' input is not supported on CodeQL versions less than 2.10.4."
+    );
+  });
+});
+
+test("downloadPacks-with-registries fails with invalid registries block", async (t) => {
+  // same thing, but this time include a registries block and
+  // associated env vars
+  return await util.withTmpDir(async (tmpDir) => {
+    process.env.GITHUB_TOKEN = "not-a-token";
+    process.env.CODEQL_REGISTRIES_AUTH = "not-a-registries-auth";
+    const logger = getRunnerLogger(true);
+
+    const registries = [
+      {
+        // missing url property
+        packages: ["codeql/*", "dsp-testing/*"],
+        token: "not-a-token",
+      },
+      {
+        url: "https://containers.GHEHOSTNAME1/v2/",
+        packages: "semmle/*",
+        token: "still-not-a-token",
+      },
+    ];
+
+    const codeQL = setCodeQL({
+      getVersion: () => Promise.resolve("2.10.4"),
+    });
+    await t.throwsAsync(
+      async () => {
+        return await configUtils.downloadPacks(
+          codeQL,
+          [Language.javascript, Language.java, Language.python],
+          {},
+          registries as any,
+          sampleApiDetails,
+          tmpDir,
+          logger
+        );
+      },
+      { instanceOf: Error },
+      "Invalid 'registries' input. Must be an array of objects with 'url' and 'packages' properties."
    );
  });
 });
--- a/src/config-utils.ts
+++ b/src/config-utils.ts
@ -1900,9 +1900,19 @@ export async function downloadPacks(
 function createRegistriesBlock(registries: RegistryConfigWithCredentials[]): {
  registries: RegistryConfigNoCredentials[];
 } {
+  if (
+    !Array.isArray(registries) ||
+    registries.some((r) => !r.url || !r.packages)
+  ) {
+    throw new Error(
+      "Invalid 'registries' input. Must be an array of objects with 'url' and 'packages' properties."
+    );
+  }
+
  // be sure to remove the `token` field from the registry before writing it to disk.
  const safeRegistries = registries.map((registry) => ({
-    url: registry.url,
+    // ensure the url ends with a slash to avoid a bug in the CLI 2.10.4
+    url: !registry?.url.endsWith("/") ? `${registry.url}/` : registry.url,
    packages: registry.packages,
  }));
  const qlconfig = {