Merge branch 'main' into henrymercer/autobuild-with-direct-tracing

2024-04-15 18:29:26 +01:00 · 2024-04-15 18:29:26 +01:00 · ea78e51e31
commit ea78e51e31
parent 14eab9153b 24b71bdbcc
24 changed files with 431 additions and 35 deletions
--- a/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml
+++ b/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml
@ -0,0 +1,50 @@
+name: "Go: diagnostic when `file` is not installed"
+description: "Checks that we emit a diagnostic if the `file` program is not installed"
+# only Linux is affected
+operatingSystems: ["ubuntu"]
+# pinned to a version which does not support statically linked binaries for indirect tracing
+versions: ["stable-v2.14.6"]
+steps:
+  - uses: actions/setup-go@v5
+    with:
+      # We need a Go version that ships with statically linked binaries on Linux
+      go-version: ">=1.21.0"
+  - name: Remove `file` program
+    run: |
+      echo $(which file)
+      sudo rm -rf $(which file)
+      echo $(which file)
+  - uses: ./../action/init
+    with:
+      languages: go
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+  - name: Build code
+    shell: bash
+    run: go build main.go
+  - uses: ./../action/analyze
+    with:
+      output: "${{ runner.temp }}/results"
+      upload-database: false
+  - name: Check diagnostic appears in SARIF
+    uses: actions/github-script@v7
+    env:
+      SARIF_PATH: "${{ runner.temp }}/results/go.sarif"
+    with:
+      script: |
+        const fs = require('fs');
+
+        const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
+        const run = sarif.runs[0];
+
+        const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
+        const statusPageNotifications = toolExecutionNotifications.filter(n =>
+          n.descriptor.id === 'go/workflow/file-program-unavailable' && n.properties?.visibility?.statusPage
+        );
+        if (statusPageNotifications.length !== 1) {
+          core.setFailed(
+            'Expected exactly one status page reporting descriptor for this diagnostic in the ' +
+              `'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
+              `${statusPageNotifications.length}. All notification reporting descriptors: ` +
+              `${JSON.stringify(toolExecutionNotifications)}.`
+          );
+        }