Run the pack download command

lib/analyze.js

@@ -96,6 +96,13 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
             throw new Error(`Unable to analyse ${language} as no queries were selected for this language`);
         }
         try {
+            if (hasPackWithCustomQueries) {
+                const codeql = codeql_1.getCodeQL(config.codeQLCmd);
+                const results = await codeql.packDownload(packsWithVersion);
+                logger.info(`Downloaded packs: ${results.packs
+                    .map((r) => `${r.name}@${r.version || "latest"}`)
+                    .join(", ")}`);
+            }
             let analysisSummaryBuiltIn = "";
             const customAnalysisSummaries = [];
             if (queries["builtin"].length > 0) {
@@ -150,6 +157,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         }
         catch (e) {
             logger.info(e);
+            logger.info(e.stack);
             statusReport.analyze_failure_language = language;
             throw new CodeQLAnalysisError(statusReport, `Error running analysis for ${language}: ${e}`);
         }

lib/codeql.js

@@ -493,7 +493,7 @@ function getCodeQLForCmd(cmd) {
             await new toolrunner.ToolRunner(cmd, args, {
                 listeners: {
                     stdout: (data) => {
-                        output += data.toString("utf8");
+                        output += data.toString();
                     },
                 },
             }).exec();
@@ -513,7 +513,7 @@ function getCodeQLForCmd(cmd) {
             const args = [
                 "pack",
                 "download",
-                "-v",
+                "--format=json",
                 ...getExtraOptionsFromEnv(["pack", "download"]),
                 ...packs.map(packWithVersionToString),
             ];

lib/init-action.js

@@ -7,7 +7,11 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
+const yaml = __importStar(require("js-yaml"));
 const actions_util_1 = require("./actions-util");
 const init_1 = require("./init");
 const languages_1 = require("./languages");
@@ -82,6 +86,22 @@ async function run() {
                 logger.warning(`${err.message} You can call this action with 'setup-python-dependencies: false' to disable this process`);
             }
         }
+        ////////////////////////////////
+        // TODO This should not happen in the action, we should be able to
+        // generate the default qlconfig from the CLI
+        // DO NOT COMMIT THIS
+        const defaultQlConfig = {
+            registryKind: "docker",
+            registries: [
+                {
+                    url: "https://ghcr.io/v2/",
+                    packages: "*",
+                },
+            ],
+        };
+        fs.mkdirSync(path.join(os.homedir(), ".codeql"));
+        fs.writeFileSync(path.join(os.homedir(), ".codeql", "qlconfig.yml"), yaml.safeDump(defaultQlConfig), "utf8");
+        ////////////////////////////////
     }
     catch (e) {
         core.setFailed(e.message);

src/analyze.ts

@@ -178,6 +178,16 @@ export async function runQueries(
     }
 
     try {
+      if (hasPackWithCustomQueries) {
+        const codeql = getCodeQL(config.codeQLCmd);
+        const results = await codeql.packDownload(packsWithVersion);
+        logger.info(
+          `Downloaded packs: ${results.packs
+            .map((r) => `${r.name}@${r.version || "latest"}`)
+            .join(", ")}`
+        );
+      }
+
       let analysisSummaryBuiltIn = "";
       const customAnalysisSummaries: string[] = [];
       if (queries["builtin"].length > 0) {
@@ -256,6 +266,7 @@ export async function runQueries(
       logger.endGroup();
     } catch (e) {
       logger.info(e);
+      logger.info(e.stack);
       statusReport.analyze_failure_language = language;
       throw new CodeQLAnalysisError(
         statusReport,

src/codeql.ts

@@ -760,7 +760,7 @@ function getCodeQLForCmd(cmd: string): CodeQL {
       await new toolrunner.ToolRunner(cmd, args, {
         listeners: {
           stdout: (data: Buffer) => {
-            output += data.toString("utf8");
+            output += data.toString();
           },
         },
       }).exec();
@@ -781,7 +781,7 @@ function getCodeQLForCmd(cmd: string): CodeQL {
       const args = [
         "pack",
         "download",
-        "-v",
+        "--format=json",
         ...getExtraOptionsFromEnv(["pack", "download"]),
         ...packs.map(packWithVersionToString),
       ];

src/init-action.ts

@@ -1,4 +1,9 @@
+import * as fs from "fs";
+import * as os from "os";
+import * as path from "path";
+
 import * as core from "@actions/core";
+import * as yaml from "js-yaml";
 
 import {
   createStatusReportBase,
@@ -177,6 +182,28 @@ async function run() {
         );
       }
     }
+
+    ////////////////////////////////
+    // TODO This should not happen in the action, we should be able to
+    // generate the default qlconfig from the CLI
+    // DO NOT COMMIT THIS
+    const defaultQlConfig = {
+      registryKind: "docker",
+      registries: [
+        {
+          url: "https://ghcr.io/v2/",
+          packages: "*",
+        },
+      ],
+    };
+
+    fs.mkdirSync(path.join(os.homedir(), ".codeql"));
+    fs.writeFileSync(
+      path.join(os.homedir(), ".codeql", "qlconfig.yml"),
+      yaml.safeDump(defaultQlConfig),
+      "utf8"
+    );
+    ////////////////////////////////
   } catch (e) {
     core.setFailed(e.message);
     console.log(e);