Remove python dependency installation logic

I've left a few warning logging cases, but overall this feature is no longer supported.
2024-04-04 17:10:28 +02:00 · 2024-04-04 17:10:28 +02:00 · c7eea240e2
commit c7eea240e2
parent 3bd9c3e65c
4 changed files with 16 additions and 146 deletions
--- a/src/analyze.ts
+++ b/src/analyze.ts
@ -20,7 +20,6 @@ import { EnvVar } from "./environment";
 import {
  FeatureEnablement,
  Feature,
-  isPythonDependencyInstallationDisabled,
 } from "./feature-flags";
 import { isScannedLanguage, Language } from "./languages";
 import { Logger } from "./logging";
@ -123,8 +122,6 @@ export interface QueriesStatusReport {

 async function setupPythonExtractor(
  logger: Logger,
-  features: FeatureEnablement,
-  codeql: CodeQL,
 ) {
  const codeqlPython = process.env["CODEQL_PYTHON"];
  if (codeqlPython === undefined || codeqlPython.length === 0) {
@ -132,41 +129,11 @@ async function setupPythonExtractor(
    return;
  }

-  if (await isPythonDependencyInstallationDisabled(codeql, features)) {
-    logger.warning(
-      "We recommend that you remove the CODEQL_PYTHON environment variable from your workflow. This environment variable was originally used to specify a Python executable that included the dependencies of your Python code, however Python analysis no longer uses these dependencies." +
-        "\nIf you used CODEQL_PYTHON to force the version of Python to analyze as, please use CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION instead, such as 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=2.7' or 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=3.11'.",
-    );
-    return;
-  }
-
-  const scriptsFolder = path.resolve(__dirname, "../python-setup");
-
-  let output = "";
-  const options = {
-    listeners: {
-      stdout: (data: Buffer) => {
-        output += data.toString();
-      },
-    },
-  };
-
-  await new toolrunner.ToolRunner(
-    codeqlPython,
-    [path.join(scriptsFolder, "find_site_packages.py")],
-    options,
-  ).exec();
-  logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`);
-  process.env["LGTM_INDEX_IMPORT_PATH"] = output;
-
-  output = "";
-  await new toolrunner.ToolRunner(
-    codeqlPython,
-    ["-c", "import sys; print(sys.version_info[0])"],
-    options,
-  ).exec();
-  logger.info(`Setting LGTM_PYTHON_SETUP_VERSION=${output}`);
-  process.env["LGTM_PYTHON_SETUP_VERSION"] = output;
+  logger.warning(
+    "CODEQL_PYTHON environment variable is no longer supported. Please remove it from your workflow. This environment variable was originally used to specify a Python executable that included the dependencies of your Python code, however Python analysis no longer uses these dependencies." +
+      "\nIf you used CODEQL_PYTHON to force the version of Python to analyze as, please use CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION instead, such as 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=2.7' or 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=3.11'.",
+  );
+  return;
 }

 export async function runExtraction(
@ -186,7 +153,7 @@ export async function runExtraction(
    if (shouldExtractLanguage(config, language)) {
      logger.startGroup(`Extracting ${language}`);
      if (language === Language.python) {
-        await setupPythonExtractor(logger, features, codeql);
+        await setupPythonExtractor(logger);
      }
      if (
        config.buildMode &&
--- a/src/feature-flags.ts
+++ b/src/feature-flags.ts
@ -49,8 +49,6 @@ export enum Feature {
  CppTrapCachingEnabled = "cpp_trap_caching_enabled",
  DisableJavaBuildlessEnabled = "disable_java_buildless_enabled",
  DisableKotlinAnalysisEnabled = "disable_kotlin_analysis_enabled",
-  DisablePythonDependencyInstallationEnabled = "disable_python_dependency_installation_enabled",
-  PythonDefaultIsToSkipDependencyInstallationEnabled = "python_default_is_to_skip_dependency_installation_enabled",
  ExportDiagnosticsEnabled = "export_diagnostics_enabled",
  QaTelemetryEnabled = "qa_telemetry_enabled",
 }
@ -95,25 +93,6 @@ export const featureConfig: Record<
    minimumVersion: undefined,
    defaultValue: false,
  },
-  [Feature.DisablePythonDependencyInstallationEnabled]: {
-    envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION",
-    // Although the python extractor only started supporting not extracting installed
-    // dependencies in 2.13.1, the init-action can still benefit from not installing
-    // dependencies no matter what codeql version we are using, so therefore the
-    // minimumVersion is set to 'undefined'. This means that with an old CodeQL version,
-    // packages available with current python3 installation might get extracted.
-    minimumVersion: undefined,
-    defaultValue: false,
-  },
-  [Feature.PythonDefaultIsToSkipDependencyInstallationEnabled]: {
-    // we can reuse the same environment variable as above. If someone has set it to
-    // `true` in their workflow this means dependencies are not installed, setting it to
-    // `false` means dependencies _will_ be installed. The same semantics are applied
-    // here!
-    envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION",
-    minimumVersion: "2.16.0",
-    defaultValue: true,
-  },
 };

 /**
@ -458,19 +437,3 @@ class GitHubFeatureFlags {
    }
  }
 }
-
-export async function isPythonDependencyInstallationDisabled(
-  codeql: CodeQL,
-  features: FeatureEnablement,
-): Promise<boolean> {
-  return (
-    (await features.getValue(
-      Feature.DisablePythonDependencyInstallationEnabled,
-      codeql,
-    )) ||
-    (await features.getValue(
-      Feature.PythonDefaultIsToSkipDependencyInstallationEnabled,
-      codeql,
-    ))
-  );
-}
--- a/src/init-action.ts
+++ b/src/init-action.ts
@ -19,13 +19,11 @@ import { EnvVar } from "./environment";
 import {
  Feature,
  Features,
-  isPythonDependencyInstallationDisabled,
 } from "./feature-flags";
 import {
  checkInstallPython311,
  initCodeQL,
  initConfig,
-  installPythonDeps,
  runInit,
 } from "./init";
 import { Language } from "./languages";
@ -294,24 +292,6 @@ async function run() {
    );

    await checkInstallPython311(config.languages, codeql);
-
-    if (
-      config.languages.includes(Language.python) &&
-      getRequiredInput("setup-python-dependencies") === "true"
-    ) {
-      if (await isPythonDependencyInstallationDisabled(codeql, features)) {
-        logger.info("Skipping python dependency installation");
-      } else {
-        try {
-          await installPythonDeps(codeql, logger);
-        } catch (unwrappedError) {
-          const error = wrapError(unwrappedError);
-          logger.warning(
-            `${error.message} You can call this action with 'setup-python-dependencies: false' to disable this process`,
-          );
-        }
-      }
-    }
  } catch (unwrappedError) {
    const error = wrapError(unwrappedError);
    core.setFailed(error.message);
@ -462,18 +442,21 @@ async function run() {
      }
    }

-    // Disable Python dependency extraction if feature flag set
-    if (await isPythonDependencyInstallationDisabled(codeql, features)) {
+    // Disable Python dependency extraction if feature flag set From 2.16.0 the default
+    // for the python extractor is to not perform any library extraction. For versions
+    // before that, you needed to set this flag to enable this behavior (supported since
+    // 2.13.1). Since dependency installation is no longer supported in the action, we
+
+    if (await codeQlVersionAbove(codeql, "2.16.0")) {
+      // do nothing
+    } else if (await codeQlVersionAbove(codeql, "2.13.1")) {
      core.exportVariable(
        "CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION",
        "true",
      );
    } else {
-      // From 2.16.0 the default for the python extractor is to not perform any library
-      // extraction, so we need to set this flag to enable it.
-      core.exportVariable(
-        "CODEQL_EXTRACTOR_PYTHON_FORCE_ENABLE_LIBRARY_EXTRACTION_UNTIL_2_17_0",
-        "true",
+      logger.warning(
+        "codeql-action no longer installs Python dependencies. We recommend upgrading to at least CodeQL 2.16.0 to avoid any potential problems due to this.",
      );
    }

--- a/src/init.ts
+++ b/src/init.ts
@ -138,46 +138,3 @@ export async function checkInstallPython311(
    ]).exec();
  }
 }
-
-export async function installPythonDeps(codeql: CodeQL, logger: Logger) {
-  logger.startGroup("Setup Python dependencies");
-
-  const scriptsFolder = path.resolve(__dirname, "../python-setup");
-
-  try {
-    if (process.platform === "win32") {
-      await new toolrunner.ToolRunner(await safeWhich.safeWhich("powershell"), [
-        path.join(scriptsFolder, "install_tools.ps1"),
-      ]).exec();
-    } else {
-      await new toolrunner.ToolRunner(
-        path.join(scriptsFolder, "install_tools.sh"),
-      ).exec();
-    }
-    const script = "auto_install_packages.py";
-    if (process.platform === "win32") {
-      await new toolrunner.ToolRunner(await safeWhich.safeWhich("py"), [
-        "-3",
-        "-B",
-        path.join(scriptsFolder, script),
-        path.dirname(codeql.getPath()),
-      ]).exec();
-    } else {
-      await new toolrunner.ToolRunner(await safeWhich.safeWhich("python3"), [
-        "-B",
-        path.join(scriptsFolder, script),
-        path.dirname(codeql.getPath()),
-      ]).exec();
-    }
-  } catch (e) {
-    logger.endGroup();
-    logger.warning(
-      `An error occurred while trying to automatically install Python dependencies: ${e}\n` +
-        "Please make sure any necessary dependencies are installed before calling the codeql-action/analyze " +
-        "step, and add a 'setup-python-dependencies: false' argument to this step to disable our automatic " +
-        "dependency installation and avoid this warning.",
-    );
-    return;
-  }
-  logger.endGroup();
-}