robojerk/codeql-action

Forward file baseline information enablement to CLI

Browse source
This commit is contained in:
Henry Mercer 2022-10-26 16:14:02 +01:00
parent 5da50dc362
commit 89e18934d3
9 changed files with 114 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/analyze.js generated
View file

@ -227,7 +227,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
return statusReport;
async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) {
const databasePath = util.getCodeQLDatabasePath(config, language);
return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId);
return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId, featureEnablement);
}
async function cliCanCountLoC() {
return await util.codeQlVersionAbove(await (0, codeql_1.getCodeQL)(config.codeQLCmd), codeql_1.CODEQL_VERSION_COUNTS_LINES);

2
lib/analyze.js.map
View file

File diff suppressed because one or more lines are too long

5
lib/codeql.js generated
View file

@ -698,7 +698,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
}
await runTool(cmd, codeqlArgs);
},
async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId) {
async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, featureEnablement) {
const codeqlArgs = [
"database",
"interpret-results",
@ -721,6 +721,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
(await util.codeQlVersionAbove(this, CODEQL_VERSION_SARIF_GROUP))) {
codeqlArgs.push("--sarif-category", automationDetailsId);
}
if (await featureEnablement.getValue(feature_flags_1.Feature.FileBaselineInformationEnabled, this)) {
codeqlArgs.push("--sarif-add-baseline-file-info");
}
codeqlArgs.push(databasePath);
if (querySuitePaths) {
codeqlArgs.push(...querySuitePaths);

2
lib/codeql.js.map
View file

File diff suppressed because one or more lines are too long

24
lib/codeql.test.js generated
View file

@ -308,14 +308,14 @@ for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCAC
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be absent, but it is present");
});
(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be present, but it is absent");
});
(0, ava_1.default)("databaseInitCluster() without injected codescanning config", async (t) => {
@ -564,6 +564,26 @@ const injectedConfigMacro = ava_1.default.macro({
process.env["CODEQL_PASS_CONFIG_TO_CLI"] = origCODEQL_PASS_CONFIG_TO_CLI;
}
});
(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-baseline-file-info when feature enabled", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
// We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
// The version of CodeQL is checked separately to determine feature enablement, and does not
// otherwise impact this test, so set it to 0.0.0.
sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.FileBaselineInformationEnabled]));
t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info should be present, but it is absent");
});
(0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-baseline-file-info if feature disabled", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
// We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
// The version of CodeQL is checked upstream to determine feature enablement, so it does not
// affect this test.
sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info must be absent, but it is present");
});
function stubToolRunnerConstructor() {
const runnerObjectStub = sinon.createStubInstance(toolrunner.ToolRunner);
runnerObjectStub.exec.resolves(0);

2
lib/codeql.test.js.map
View file

File diff suppressed because one or more lines are too long

3
src/analyze.ts
View file

@ -389,7 +389,8 @@ export async function runQueries(
addSnippetsFlag,
threadsFlag,
enableDebugLogging ? "-vv" : "-v",
automationDetailsId
automationDetailsId,
featureEnablement
);
}

72
src/codeql.test.ts
View file

@ -445,7 +445,16 @@ test("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0",
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
await codeqlObject.databaseInterpretResults(
"",
[],
"",
"",
"",
"-v",
"",
createFeatures([])
);
t.false(
runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
"--sarif-add-query-help should be absent, but it is present"
@ -456,7 +465,16 @@ test("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
await codeqlObject.databaseInterpretResults(
"",
[],
"",
"",
"",
"-v",
"",
createFeatures([])
);
t.true(
runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
"--sarif-add-query-help should be present, but it is absent"
@ -846,6 +864,56 @@ test("does not use injected config", async (t: ExecutionContext<unknown>) => {
}
});
test("databaseInterpretResults() sets --sarif-add-baseline-file-info when feature enabled", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
// We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
// The version of CodeQL is checked separately to determine feature enablement, and does not
// otherwise impact this test, so set it to 0.0.0.
sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
await codeqlObject.databaseInterpretResults(
"",
[],
"",
"",
"",
"-v",
"",
createFeatures([Feature.FileBaselineInformationEnabled])
);
t.true(
runnerConstructorStub.firstCall.args[1].includes(
"--sarif-add-baseline-file-info"
),
"--sarif-add-baseline-file-info should be present, but it is absent"
);
});
test("databaseInterpretResults() does not set --sarif-add-baseline-file-info if feature disabled", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
// We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
// The version of CodeQL is checked upstream to determine feature enablement, so it does not
// affect this test.
sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
await codeqlObject.databaseInterpretResults(
"",
[],
"",
"",
"",
"-v",
"",
createFeatures([])
);
t.false(
runnerConstructorStub.firstCall.args[1].includes(
"--sarif-add-baseline-file-info"
),
"--sarif-add-baseline-file-info must be absent, but it is present"
);
});
export function stubToolRunnerConstructor(): sinon.SinonStub<
any[],
toolrunner.ToolRunner

14
src/codeql.ts
View file

@ -173,7 +173,8 @@ export interface CodeQL {
addSnippetsFlag: string,
threadsFlag: string,
verbosityFlag: string | undefined,
automationDetailsId: string | undefined
automationDetailsId: string | undefined,
featureEnablement: FeatureEnablement
): Promise<string>;
/**
* Run 'codeql database print-baseline'.
@ -1066,7 +1067,8 @@ async function getCodeQLForCmd(
addSnippetsFlag: string,
threadsFlag: string,
verbosityFlag: string,
automationDetailsId: string | undefined
automationDetailsId: string | undefined,
featureEnablement: FeatureEnablement
): Promise<string> {
const codeqlArgs = [
"database",
@ -1092,6 +1094,14 @@ async function getCodeQLForCmd(
) {
codeqlArgs.push("--sarif-category", automationDetailsId);
}
if (
await featureEnablement.getValue(
Feature.FileBaselineInformationEnabled,
this
)
) {
codeqlArgs.push("--sarif-add-baseline-file-info");
}
codeqlArgs.push(databasePath);
if (querySuitePaths) {
codeqlArgs.push(...querySuitePaths);