Enable mapping from CLI version to bundle tag name

2023-01-06 21:01:01 +00:00 · 2023-01-06 21:01:01 +00:00 · a76fe4f9bd
commit a76fe4f9bd
parent a6dff04fe1
6 changed files with 168 additions and 3 deletions
--- a/lib/codeql.js
+++ b/lib/codeql.js
@ -22,7 +22,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CODEQL_DEFAULT_ACTION_REPOSITORY = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.findCodeQLBundleTagDotcomOnly = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CODEQL_DEFAULT_ACTION_REPOSITORY = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@ -128,6 +128,34 @@ function getCodeQLActionRepository(logger) {
    return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
 }
 exports.getCodeQLActionRepository = getCodeQLActionRepository;
+async function findCodeQLBundleTagDotcomOnly(cliVersion, logger) {
+    const apiClient = api.getApiClient();
+    const codeQLActionRepository = getCodeQLActionRepository(logger);
+    const releases = await apiClient.paginate(apiClient.repos.listReleases, {
+        owner: codeQLActionRepository.split("/")[0],
+        repo: codeQLActionRepository.split("/")[1],
+    });
+    logger.debug(`Found ${releases.length} releases.`);
+    for (const release of releases) {
+        const cliVersionFileVersions = release.assets
+            .map((asset) => { var _a; return (_a = asset.name.match(/cli-version-(.*)\.txt/)) === null || _a === void 0 ? void 0 : _a[1]; })
+            .filter((v) => v)
+            .map((v) => v);
+        if (cliVersionFileVersions.length === 0) {
+            logger.debug(`Ignoring release ${release.tag_name} with no CLI version marker file.`);
+            continue;
+        }
+        if (cliVersionFileVersions.length > 1) {
+            logger.warning(`Ignoring release ${release.tag_name} with multiple CLI version marker files.`);
+            continue;
+        }
+        if (cliVersionFileVersions[0] === cliVersion) {
+            return release.tag_name;
+        }
+    }
+    throw new Error(`Failed to find a CodeQL bundle release for CLI version ${cliVersion}.`);
+}
+exports.findCodeQLBundleTagDotcomOnly = findCodeQLBundleTagDotcomOnly;
 async function getCodeQLBundleDownloadURL(apiDetails, variant, logger) {
    const codeQLActionRepository = getCodeQLActionRepository(logger);
    const potentialDownloadSources = [
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/lib/codeql.test.js
+++ b/lib/codeql.test.js
@ -34,6 +34,7 @@ const yaml = __importStar(require("js-yaml"));
 const nock_1 = __importDefault(require("nock"));
 const sinon = __importStar(require("sinon"));
 const actionsUtil = __importStar(require("./actions-util"));
+const api = __importStar(require("./api-client"));
 const codeql = __importStar(require("./codeql"));
 const defaults = __importStar(require("./defaults.json"));
 const feature_flags_1 = require("./feature-flags");
@ -602,6 +603,48 @@ const injectedConfigMacro = ava_1.default.macro({
    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
    t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info must be absent, but it is present");
 });
+(0, ava_1.default)("findCodeQLBundleTagDotcomOnly() matches GitHub Release with marker file", async (t) => {
+    // Look for GitHub Releases in github/codeql-action
+    sinon.stub(actionsUtil, "isRunningLocalAction").resolves(true);
+    sinon.stub(api, "getApiClient").value(() => ({
+        repos: {
+            listReleases: sinon.stub().resolves(undefined),
+        },
+        paginate: sinon.stub().resolves([
+            {
+                assets: [
+                    {
+                        name: "cli-version-2.12.0.txt",
+                    },
+                ],
+                tag_name: "codeql-bundle-20230106",
+            },
+        ]),
+    }));
+    t.is(await codeql.findCodeQLBundleTagDotcomOnly("2.12.0", (0, logging_1.getRunnerLogger)(true)), "codeql-bundle-20230106");
+});
+(0, ava_1.default)("findCodeQLBundleTagDotcomOnly() errors if no GitHub Release matches marker file", async (t) => {
+    // Look for GitHub Releases in github/codeql-action
+    sinon.stub(actionsUtil, "isRunningLocalAction").resolves(true);
+    sinon.stub(api, "getApiClient").value(() => ({
+        repos: {
+            listReleases: sinon.stub().resolves(undefined),
+        },
+        paginate: sinon.stub().resolves([
+            {
+                assets: [
+                    {
+                        name: "cli-version-2.12.0.txt",
+                    },
+                ],
+                tag_name: "codeql-bundle-20230106",
+            },
+        ]),
+    }));
+    await t.throwsAsync(async () => await codeql.findCodeQLBundleTagDotcomOnly("2.12.1", (0, logging_1.getRunnerLogger)(true)), {
+        message: "Failed to find a CodeQL bundle release for CLI version 2.12.1.",
+    });
+});
 function stubToolRunnerConstructor() {
    const runnerObjectStub = sinon.createStubInstance(toolrunner.ToolRunner);
    runnerObjectStub.exec.resolves(0);
--- a/lib/codeql.test.js.map
+++ b/lib/codeql.test.js.map
--- a/src/codeql.test.ts
+++ b/src/codeql.test.ts
@ -11,6 +11,7 @@ import nock from "nock";
 import * as sinon from "sinon";

 import * as actionsUtil from "./actions-util";
+import * as api from "./api-client";
 import { GitHubApiDetails } from "./api-client";
 import * as codeql from "./codeql";
 import { AugmentationProperties, Config } from "./config-utils";
@ -929,6 +930,60 @@ test("databaseInterpretResults() does not set --sarif-add-baseline-file-info for
  );
 });

+test("findCodeQLBundleTagDotcomOnly() matches GitHub Release with marker file", async (t) => {
+  // Look for GitHub Releases in github/codeql-action
+  sinon.stub(actionsUtil, "isRunningLocalAction").resolves(true);
+  sinon.stub(api, "getApiClient").value(() => ({
+    repos: {
+      listReleases: sinon.stub().resolves(undefined),
+    },
+    paginate: sinon.stub().resolves([
+      {
+        assets: [
+          {
+            name: "cli-version-2.12.0.txt",
+          },
+        ],
+        tag_name: "codeql-bundle-20230106",
+      },
+    ]),
+  }));
+  t.is(
+    await codeql.findCodeQLBundleTagDotcomOnly("2.12.0", getRunnerLogger(true)),
+    "codeql-bundle-20230106"
+  );
+});
+
+test("findCodeQLBundleTagDotcomOnly() errors if no GitHub Release matches marker file", async (t) => {
+  // Look for GitHub Releases in github/codeql-action
+  sinon.stub(actionsUtil, "isRunningLocalAction").resolves(true);
+  sinon.stub(api, "getApiClient").value(() => ({
+    repos: {
+      listReleases: sinon.stub().resolves(undefined),
+    },
+    paginate: sinon.stub().resolves([
+      {
+        assets: [
+          {
+            name: "cli-version-2.12.0.txt",
+          },
+        ],
+        tag_name: "codeql-bundle-20230106",
+      },
+    ]),
+  }));
+  await t.throwsAsync(
+    async () =>
+      await codeql.findCodeQLBundleTagDotcomOnly(
+        "2.12.1",
+        getRunnerLogger(true)
+      ),
+    {
+      message: "Failed to find a CodeQL bundle release for CLI version 2.12.1.",
+    }
+  );
+});
+
 export function stubToolRunnerConstructor(): sinon.SinonStub<
  any[],
  toolrunner.ToolRunner
--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -314,6 +314,45 @@ export function getCodeQLActionRepository(logger: Logger): string {
  return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
 }

+export async function findCodeQLBundleTagDotcomOnly(
+  cliVersion: string,
+  logger: Logger
+): Promise<string> {
+  const apiClient = api.getApiClient();
+  const codeQLActionRepository = getCodeQLActionRepository(logger);
+  const releases = await apiClient.paginate(apiClient.repos.listReleases, {
+    owner: codeQLActionRepository.split("/")[0],
+    repo: codeQLActionRepository.split("/")[1],
+  });
+  logger.debug(`Found ${releases.length} releases.`);
+
+  for (const release of releases) {
+    const cliVersionFileVersions = release.assets
+      .map((asset) => asset.name.match(/cli-version-(.*)\.txt/)?.[1])
+      .filter((v) => v)
+      .map((v) => v as string);
+
+    if (cliVersionFileVersions.length === 0) {
+      logger.debug(
+        `Ignoring release ${release.tag_name} with no CLI version marker file.`
+      );
+      continue;
+    }
+    if (cliVersionFileVersions.length > 1) {
+      logger.warning(
+        `Ignoring release ${release.tag_name} with multiple CLI version marker files.`
+      );
+      continue;
+    }
+    if (cliVersionFileVersions[0] === cliVersion) {
+      return release.tag_name;
+    }
+  }
+  throw new Error(
+    `Failed to find a CodeQL bundle release for CLI version ${cliVersion}.`
+  );
+}
+
 async function getCodeQLBundleDownloadURL(
  apiDetails: api.GitHubApiDetails,
  variant: util.GitHubVariant,