Merge pull request #2788 from github/dbartol/use-real-actions-extractor

Use embedded `actions` extractor only for old CLI versions
2025-03-03 13:59:30 -05:00 · 2025-03-03 13:59:30 -05:00 · 80f9930395
commit 80f9930395
parent f544ec5e4a d37931ae65
3 changed files with 23 additions and 7 deletions
--- a/lib/codeql.js
+++ b/lib/codeql.js
@ -262,9 +262,17 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                extraArgs.push(`--trace-process-name=${processName}`);
            }
            if (config.languages.indexOf(languages_1.Language.actions) >= 0) {
-                extraArgs.push("--search-path");
-                const extractorPath = path.resolve(__dirname, "../actions-extractor");
-                extraArgs.push(extractorPath);
+                // We originally added an embedded version of the Actions extractor to the CodeQL Action
+                // itself in order to deploy the extractor between CodeQL releases. When we did add the
+                // extractor to the CLI, though, its autobuild script was missing the execute bit.
+                // 2.20.6 is the first CLI release with the fully-functional extractor in the CLI. For older
+                // versions, we'll keep using the embedded extractor. We can remove the embedded extractor
+                // once 2.20.6 is deployed in the runner images.
+                if (!(await util.codeQlVersionAtLeast(codeql, "2.20.6"))) {
+                    extraArgs.push("--search-path");
+                    const extractorPath = path.resolve(__dirname, "../actions-extractor");
+                    extraArgs.push(extractorPath);
+                }
            }
            const codeScanningConfigFile = await generateCodeScanningConfig(config, logger);
            const externalRepositoryToken = (0, actions_util_1.getOptionalInput)("external-repository-token");
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -564,9 +564,17 @@ export async function getCodeQLForCmd(
      }

      if (config.languages.indexOf(Language.actions) >= 0) {
-        extraArgs.push("--search-path");
-        const extractorPath = path.resolve(__dirname, "../actions-extractor");
-        extraArgs.push(extractorPath);
+        // We originally added an embedded version of the Actions extractor to the CodeQL Action
+        // itself in order to deploy the extractor between CodeQL releases. When we did add the
+        // extractor to the CLI, though, its autobuild script was missing the execute bit.
+        // 2.20.6 is the first CLI release with the fully-functional extractor in the CLI. For older
+        // versions, we'll keep using the embedded extractor. We can remove the embedded extractor
+        // once 2.20.6 is deployed in the runner images.
+        if (!(await util.codeQlVersionAtLeast(codeql, "2.20.6"))) {
+          extraArgs.push("--search-path");
+          const extractorPath = path.resolve(__dirname, "../actions-extractor");
+          extraArgs.push(extractorPath);
+        }
      }

      const codeScanningConfigFile = await generateCodeScanningConfig(