robojerk/codeql-action

Merge branch 'main' into rneatherway/remove-old-upload-path

Browse source
This commit is contained in:
Robin Neatherway 2022-01-25 12:36:23 +00:00
commit e13c8bbfb7
21 changed files with 55 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/analyze-action.ts
View file

@ -111,12 +111,6 @@ async function run() {
repositoryNwo,
logger
);
// We currently perform an API request in both the `init` and `analyze` Actions to determine
// what feature flags are enabled. At the time of writing, this redundant API call is acceptable
// to us, but if we wanted to avoid it, we could do so by serializing the feature flags as part
// of the config file.
void featureFlags.preloadFeatureFlags();
await runFinalize(outputDir, threads, memory, config, logger);
if (actionsUtil.getRequiredInput("skip-queries") !== "true") {
runStats = await runQueries(

7
src/analyze.ts
View file

@ -232,12 +232,7 @@ export async function runQueries(
try {
if (hasPackWithCustomQueries) {
logger.info("*************");
logger.info(
"Performing analysis with custom QL Packs. QL Packs are an experimental feature."
);
logger.info("And should not be used in production yet.");
logger.info("*************");
logger.info("Performing analysis with custom CodeQL Packs.");
logger.startGroup(`Downloading custom packs for ${language}`);
const codeql = await getCodeQL(config.codeQLCmd);

11
src/feature-flags.test.ts
View file

@ -114,10 +114,13 @@ test("Feature flags exception is propagated if the API request errors", async (t
mockFeatureFlagApiEndpoint(500, {});
await t.throwsAsync(async () => featureFlags.preloadFeatureFlags(), {
message:
"Encountered an error while trying to load feature flags: Error: some error message",
});
await t.throwsAsync(
async () => featureFlags.getValue(FeatureFlag.DatabaseUploadsEnabled),
{
message:
"Encountered an error while trying to load feature flags: Error: some error message",
}
);
});
});

27
src/feature-flags.ts
View file

@ -41,10 +41,6 @@ export class GitHubFeatureFlags implements FeatureFlags {
return response;
}
async preloadFeatureFlags(): Promise<void> {
await this.getApiResponse();
}
private async getApiResponse(): Promise<FeatureFlagsApiResponse> {
const loadApiResponse = async () => {
// Do nothing when not running against github.com
@ -65,13 +61,22 @@ export class GitHubFeatureFlags implements FeatureFlags {
);
return response.data;
} catch (e) {
// Some feature flags, such as `ml_powered_queries_enabled` affect the produced alerts.
// Considering these feature flags disabled in the event of a transient error could
// therefore lead to alert churn. As a result, we crash if we cannot determine the value of
// the feature flags.
throw new Error(
`Encountered an error while trying to load feature flags: ${e}`
);
if (util.isHTTPError(e) && e.status === 403) {
this.logger.warning(
"This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. " +
"As a result, it will not be opted into any experimental features. " +
"This could be because the Action is running on a pull request from a fork. If not, " +
`please ensure the Action has the 'security-events: write' permission. Details: ${e}`
);
} else {
// Some feature flags, such as `ml_powered_queries_enabled` affect the produced alerts.
// Considering these feature flags disabled in the event of a transient error could
// therefore lead to alert churn. As a result, we crash if we cannot determine the value of
// the feature flags.
throw new Error(
`Encountered an error while trying to load feature flags: ${e}`
);
}
}
};

1
src/init-action.ts
View file

@ -143,7 +143,6 @@ async function run() {
repositoryNwo,
logger
);
void featureFlags.preloadFeatureFlags();
try {
const workflowErrors = await validateWorkflow();