Add integration test for workaround

.github/workflows/__go-indirect-tracing-workaround.yml

@@ -0,0 +1,94 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: 'PR Check - Go: workaround for indirect tracing'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
+on:
+  push:
+    branches:
+    - main
+    - releases/v2
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-indirect-tracing-workaround:
+    strategy:
+      matrix:
+        include:
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+    name: 'Go: workaround for indirect tracing'
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v4
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/actions/prepare-test
+      with:
+        version: ${{ matrix.version }}
+        use-all-platform-bundle: 'false'
+    - name: Set environment variable for Swift enablement
+      if: >-
+        runner.os != 'Windows' && (
+            matrix.version == '20220908' ||
+            matrix.version == '20221211'
+        )
+      shell: bash
+      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+      # We need a Go version that ships with statically linked binaries on Linux
+        go-version: '>=1.21.0'
+    - uses: ./../action/init
+      with:
+        languages: go
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: go build main.go
+    - uses: ./../action/analyze
+      with:
+        upload-database: false
+    - shell: bash
+      run: |
+        if [[ -z "${CODEQL_ACTION_GO_BINARY}" ]]; then
+          echo "Expected the workaround for indirect tracing of static binaries to trigger, but the" \
+            "CODEQL_ACTION_GO_BINARY environment variable is not set."
+          exit 1
+        fi
+        if [[ ! -f "${CODEQL_ACTION_GO_BINARY}" ]]; then
+          echo "CODEQL_ACTION_GO_BINARY is set, but the corresponding script does not exist."
+          exit 1
+        fi
+
+
+        # Once we start running Bash 4.2 in all environments, we can replace the
+        # `! -z` flag with the more elegant `-v` which confirms that the variable
+        # is actually unset and not potentially set to a blank value.
+        if [[ ! -z "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" ]]; then
+          echo "Expected the Go autobuilder not to be run, but the" \
+            "CODEQL_ACTION_DID_AUTOBUILD_GOLANG environment variable was set."
+          exit 1
+        fi
+        cd "$RUNNER_TEMP/codeql_databases"
+        if [[ ! -d go ]]; then
+          echo "Did not find a Go database"
+          exit 1
+        fi
+    env:
+      CODEQL_ACTION_TEST_MODE: true

pr-checks/checks/go-indirect-tracing-workaround.yml

@@ -0,0 +1,47 @@
+name: "Go: workaround for indirect tracing"
+description: "Checks that our workaround for indirect tracing for Go 1.21+ on Linux works"
+# only Linux is affected
+operatingSystems: ["ubuntu"]
+# pinned to a version which does not support statically linked binaries for indirect tracing
+versions: ["stable-v2.14.6"]
+steps:
+  - uses: actions/setup-go@v4
+    with:
+      # We need a Go version that ships with statically linked binaries on Linux
+      go-version: ">=1.21.0"
+  - uses: ./../action/init
+    with:
+      languages: go
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+  - name: Build code
+    shell: bash
+    run: go build main.go
+  - uses: ./../action/analyze
+    with:
+      upload-database: false
+  - shell: bash
+    run: |
+      if [[ -z "${CODEQL_ACTION_GO_BINARY}" ]]; then
+        echo "Expected the workaround for indirect tracing of static binaries to trigger, but the" \
+          "CODEQL_ACTION_GO_BINARY environment variable is not set."
+        exit 1
+      fi
+      if [[ ! -f "${CODEQL_ACTION_GO_BINARY}" ]]; then
+        echo "CODEQL_ACTION_GO_BINARY is set, but the corresponding script does not exist."
+        exit 1
+      fi
+
+
+      # Once we start running Bash 4.2 in all environments, we can replace the
+      # `! -z` flag with the more elegant `-v` which confirms that the variable
+      # is actually unset and not potentially set to a blank value.
+      if [[ ! -z "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" ]]; then
+        echo "Expected the Go autobuilder not to be run, but the" \
+          "CODEQL_ACTION_DID_AUTOBUILD_GOLANG environment variable was set."
+        exit 1
+      fi
+      cd "$RUNNER_TEMP/codeql_databases"
+      if [[ ! -d go ]]; then
+        echo "Did not find a Go database"
+        exit 1
+      fi