Remove duplicate locations from output of database interpret-results

src/analyze-action.ts

@@ -16,7 +16,7 @@ import {
 } from "./analyze";
 import { getApiDetails, getGitHubVersion } from "./api-client";
 import { runAutobuild } from "./autobuild";
-import { getCodeQL } from "./codeql";
+import { enrichEnvironment, getCodeQL } from "./codeql";
 import { Config, getConfig } from "./config-utils";
 import { uploadDatabases } from "./database-upload";
 import { Features } from "./feature-flags";
@@ -207,7 +207,7 @@ async function run() {
       );
     }
 
-    await util.enrichEnvironment(await getCodeQL(config.codeQLCmd));
+    await enrichEnvironment(await getCodeQL(config.codeQLCmd));
 
     const apiDetails = getApiDetails();
     const outputDir = actionsUtil.getRequiredInput("output");

src/analyze.ts

@@ -369,7 +369,8 @@ export async function runQueries(
       enableDebugLogging ? "-vv" : "-v",
       automationDetailsId,
       config,
-      features
+      features,
+      logger
     );
   }
 

src/codeql.test.ts

@@ -637,7 +637,8 @@ test("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0",
     "-v",
     "",
     stubConfig,
-    createFeatures([])
+    createFeatures([]),
+    getRunnerLogger(true)
   );
   t.false(
     runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
@@ -660,7 +661,8 @@ test("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (
     "-v",
     "",
     stubConfig,
-    createFeatures([])
+    createFeatures([]),
+    getRunnerLogger(true)
   );
   t.true(
     runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
@@ -1158,7 +1160,8 @@ test("databaseInterpretResults() sets --sarif-add-baseline-file-info for 2.11.3"
     "-v",
     "",
     stubConfig,
-    createFeatures([])
+    createFeatures([]),
+    getRunnerLogger(true)
   );
   t.true(
     runnerConstructorStub.firstCall.args[1].includes(
@@ -1183,7 +1186,8 @@ test("databaseInterpretResults() does not set --sarif-add-baseline-file-info for
     "-v",
     "",
     stubConfig,
-    createFeatures([])
+    createFeatures([]),
+    getRunnerLogger(true)
   );
   t.false(
     runnerConstructorStub.firstCall.args[1].includes(

src/codeql.ts

@@ -1,6 +1,7 @@
 import * as fs from "fs";
 import * as path from "path";
 
+import * as core from "@actions/core";
 import * as toolrunner from "@actions/exec/lib/toolrunner";
 import * as yaml from "js-yaml";
 
@@ -17,6 +18,7 @@ import { ToolsSource } from "./init";
 import { isTracedLanguage, Language } from "./languages";
 import { Logger } from "./logging";
 import * as setupCodeql from "./setup-codeql";
+import { EnvVar } from "./shared-environment";
 import { toolrunnerErrorCatcher } from "./toolrunner-error-catcher";
 import {
   getTrapCachingExtractorConfigArgs,
@@ -179,7 +181,8 @@ export interface CodeQL {
     verbosityFlag: string | undefined,
     automationDetailsId: string | undefined,
     config: Config,
-    features: FeatureEnablement
+    features: FeatureEnablement,
+    logger: Logger
   ): Promise<string>;
   /**
    * Run 'codeql database print-baseline'.
@@ -866,15 +869,23 @@ export async function getCodeQLForCmd(
       verbosityFlag: string,
       automationDetailsId: string | undefined,
       config: Config,
-      features: FeatureEnablement
+      features: FeatureEnablement,
+      logger: Logger
     ): Promise<string> {
+      const shouldExportDiagnostics = await features.getValue(
+        Feature.ExportDiagnosticsEnabled,
+        this
+      );
+      const codeqlOutputFile = shouldExportDiagnostics
+        ? path.join(config.tempDir, "codeql-intermediate-results.sarif")
+        : sarifFile;
       const codeqlArgs = [
         "database",
         "interpret-results",
         threadsFlag,
         "--format=sarif-latest",
         verbosityFlag,
-        `--output=${sarifFile}`,
+        `--output=${codeqlOutputFile}`,
         addSnippetsFlag,
         "--print-diagnostics-summary",
         "--print-metrics-summary",
@@ -895,7 +906,7 @@ export async function getCodeQLForCmd(
       ) {
         codeqlArgs.push("--sarif-add-baseline-file-info");
       }
-      if (await features.getValue(Feature.ExportDiagnosticsEnabled, this)) {
+      if (shouldExportDiagnostics) {
         codeqlArgs.push("--sarif-include-diagnostics");
       }
       codeqlArgs.push(databasePath);
@@ -908,6 +919,15 @@ export async function getCodeQLForCmd(
         codeqlArgs,
         errorMatchers
       );
+
+      if (shouldExportDiagnostics) {
+        let sarif = JSON.parse(
+          fs.readFileSync(codeqlOutputFile, "utf8")
+        ) as util.SarifFile;
+        sarif = util.fixInvalidNotifications(sarif, logger);
+        fs.writeFileSync(sarifFile, JSON.stringify(sarif));
+      }
+
       return returnState.stdout;
     },
     async databasePrintBaseline(databasePath: string): Promise<string> {
@@ -1270,3 +1290,17 @@ async function getCodeScanningConfigExportArguments(
   }
   return [];
 }
+
+/**
+ * Enrich the environment variables with further flags that we cannot
+ * know the value of until we know what version of CodeQL we're running.
+ */
+export async function enrichEnvironment(codeql: CodeQL) {
+  if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
+    core.exportVariable(EnvVar.FEATURE_MULTI_LANGUAGE, "false");
+    core.exportVariable(EnvVar.FEATURE_SANDWICH, "false");
+  } else {
+    core.exportVariable(EnvVar.FEATURE_MULTI_LANGUAGE, "true");
+    core.exportVariable(EnvVar.FEATURE_SANDWICH, "true");
+  }
+}

src/init-action.ts

@@ -14,7 +14,11 @@ import {
   StatusReportBase,
 } from "./actions-util";
 import { getGitHubVersion } from "./api-client";
-import { CodeQL, CODEQL_VERSION_NEW_TRACING } from "./codeql";
+import {
+  CodeQL,
+  CODEQL_VERSION_NEW_TRACING,
+  enrichEnvironment,
+} from "./codeql";
 import * as configUtils from "./config-utils";
 import { Feature, Features } from "./feature-flags";
 import {
@@ -35,7 +39,6 @@ import {
   codeQlVersionAbove,
   DEFAULT_DEBUG_ARTIFACT_NAME,
   DEFAULT_DEBUG_DATABASE_NAME,
-  enrichEnvironment,
   getMemoryFlagValue,
   getMlPoweredJsQueriesStatus,
   getRequiredEnvParam,

src/shared-environment.ts

@@ -1,3 +1,39 @@
+/**
+ * Environment variables to be set by codeql-action and used by the
+ * CLI.
+ */
+export enum EnvVar {
+  /**
+   * Semver of the codeql-action as specified in package.json.
+   */
+  VERSION = "CODEQL_ACTION_VERSION",
+
+  /**
+   * If set to a truthy value, then the codeql-action might combine SARIF
+   * output from several `interpret-results` runs for the same Language.
+   */
+  FEATURE_SARIF_COMBINE = "CODEQL_ACTION_FEATURE_SARIF_COMBINE",
+
+  /**
+   * If set to the "true" string, then the codeql-action will upload SARIF,
+   * not the cli.
+   */
+  FEATURE_WILL_UPLOAD = "CODEQL_ACTION_FEATURE_WILL_UPLOAD",
+
+  /**
+   * If set to the "true" string, then the codeql-action is using its
+   * own deprecated and non-standard way of scanning for multiple
+   * languages.
+   */
+  FEATURE_MULTI_LANGUAGE = "CODEQL_ACTION_FEATURE_MULTI_LANGUAGE",
+
+  /**
+   * If set to the "true" string, then the codeql-action is using its
+   * own sandwiched workflow mechanism
+   */
+  FEATURE_SANDWICH = "CODEQL_ACTION_FEATURE_SANDWICH",
+}
+
 /**
  * Environment variable that is set to true when the CodeQL Action has invoked
  * the Go autobuilder.

src/util.ts

@@ -10,7 +10,7 @@ import * as semver from "semver";
 
 import { getApiClient, GitHubApiDetails } from "./api-client";
 import * as apiCompatibility from "./api-compatibility.json";
-import { CodeQL, CODEQL_VERSION_NEW_TRACING } from "./codeql";
+import { CodeQL } from "./codeql";
 import {
   Config,
   parsePacksSpecification,
@@ -22,6 +22,7 @@ import { Logger } from "./logging";
 import {
   CODEQL_ACTION_DISABLE_DUPLICATE_LOCATION_FIX,
   CODEQL_ACTION_TEST_MODE,
+  EnvVar,
 } from "./shared-environment";
 
 /**
@@ -432,42 +433,6 @@ export function assertNever(value: never): never {
   throw new ExhaustivityCheckingError(value);
 }
 
-/**
- * Environment variables to be set by codeql-action and used by the
- * CLI.
- */
-export enum EnvVar {
-  /**
-   * Semver of the codeql-action as specified in package.json.
-   */
-  VERSION = "CODEQL_ACTION_VERSION",
-
-  /**
-   * If set to a truthy value, then the codeql-action might combine SARIF
-   * output from several `interpret-results` runs for the same Language.
-   */
-  FEATURE_SARIF_COMBINE = "CODEQL_ACTION_FEATURE_SARIF_COMBINE",
-
-  /**
-   * If set to the "true" string, then the codeql-action will upload SARIF,
-   * not the cli.
-   */
-  FEATURE_WILL_UPLOAD = "CODEQL_ACTION_FEATURE_WILL_UPLOAD",
-
-  /**
-   * If set to the "true" string, then the codeql-action is using its
-   * own deprecated and non-standard way of scanning for multiple
-   * languages.
-   */
-  FEATURE_MULTI_LANGUAGE = "CODEQL_ACTION_FEATURE_MULTI_LANGUAGE",
-
-  /**
-   * If set to the "true" string, then the codeql-action is using its
-   * own sandwiched workflow mechanism
-   */
-  FEATURE_SANDWICH = "CODEQL_ACTION_FEATURE_SANDWICH",
-}
-
 /**
  * Set some initial environment variables that we can set even without
  * knowing what version of CodeQL we're running.
@@ -478,20 +443,6 @@ export function initializeEnvironment(version: string) {
   core.exportVariable(EnvVar.FEATURE_WILL_UPLOAD, "true");
 }
 
-/**
- * Enrich the environment variables with further flags that we cannot
- * know the value of until we know what version of CodeQL we're running.
- */
-export async function enrichEnvironment(codeql: CodeQL) {
-  if (await codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
-    core.exportVariable(EnvVar.FEATURE_MULTI_LANGUAGE, "false");
-    core.exportVariable(EnvVar.FEATURE_SANDWICH, "false");
-  } else {
-    core.exportVariable(EnvVar.FEATURE_MULTI_LANGUAGE, "true");
-    core.exportVariable(EnvVar.FEATURE_SANDWICH, "true");
-  }
-}
-
 /**
  * Get an environment parameter, but throw an error if it is not set.
  */