robojerk/codeql-action

Remove Action-config code path in runQueries

Browse source
This commit is contained in:
Henry Mercer 2024-01-04 14:45:16 +00:00
parent fa98ec0c7a
commit f53698be43
3 changed files with 44 additions and 250 deletions
Download patch file Download diff file Expand all files Collapse all files

112
lib/analyze.js generated
View file

@ -135,88 +135,27 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd); const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
const queryFlags = [memoryFlag, threadsFlag]; const queryFlags = [memoryFlag, threadsFlag];
for (const language of config.languages) { for (const language of config.languages) {
const queries = config.queries[language];
const queryFilters = validateQueryFilters(config.originalUserInput["query-filters"]);
const packsWithVersion = config.packs[language] || [];
try { try {
const sarifFile = path.join(sarifFolder, `${language}.sarif`); const sarifFile = path.join(sarifFolder, `${language}.sarif`);
let startTimeInterpretResults; // The work needed to generate the query suites
let endTimeInterpretResults; // is done in the CLI. We just need to make a single
// TODO: will clean up in a future commit // call to run all the queries for each language and
// eslint-disable-next-line no-constant-condition // another to interpret the results.
if (true) { logger.startGroup(`Running queries for ${language}`);
// If we are using the code scanning config in the CLI, const startTimeBuiltIn = new Date().getTime();
// much of the work needed to generate the query suites await runQueryGroup(language, "all", undefined, undefined, true);
// is done in the CLI. We just need to make a single // TODO should not be using `builtin` here. We should be using `all` instead.
// call to run all the queries for each language and // The status report does not support `all` yet.
// another to interpret the results. statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
logger.startGroup(`Running queries for ${language}`); new Date().getTime() - startTimeBuiltIn;
const startTimeBuiltIn = new Date().getTime(); logger.startGroup(`Interpreting results for ${language}`);
await runQueryGroup(language, "all", undefined, undefined, true); const startTimeInterpretResults = new Date();
// TODO should not be using `builtin` here. We should be using `all` instead. const analysisSummary = await runInterpretResults(language, undefined, sarifFile, config.debugMode);
// The status report does not support `all` yet. const endTimeInterpretResults = new Date();
statusReport[`analyze_builtin_queries_${language}_duration_ms`] = statusReport[`interpret_results_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn; endTimeInterpretResults.getTime() - startTimeInterpretResults.getTime();
logger.startGroup(`Interpreting results for ${language}`); logger.endGroup();
startTimeInterpretResults = new Date(); logger.info(analysisSummary);
const analysisSummary = await runInterpretResults(language, undefined, sarifFile, config.debugMode);
endTimeInterpretResults = new Date();
statusReport[`interpret_results_${language}_duration_ms`] =
endTimeInterpretResults.getTime() -
startTimeInterpretResults.getTime();
logger.endGroup();
logger.info(analysisSummary);
}
else {
// config was generated by the action, so must be interpreted by the action.
const hasBuiltinQueries = queries?.builtin.length > 0;
const hasCustomQueries = queries?.custom.length > 0;
const hasPackWithCustomQueries = packsWithVersion.length > 0;
if (!hasBuiltinQueries &&
!hasCustomQueries &&
!hasPackWithCustomQueries) {
throw new util_1.UserError(`Unable to analyze ${language} as no queries were selected for this language`);
}
const customQueryIndices = [];
for (let i = 0; i < queries.custom.length; ++i) {
if (queries.custom[i].queries.length > 0) {
customQueryIndices.push(i);
}
}
logger.startGroup(`Running queries for ${language}`);
const querySuitePaths = [];
if (queries.builtin.length > 0) {
const startTimeBuiltIn = new Date().getTime();
querySuitePaths.push((await runQueryGroup(language, "builtin", createQuerySuiteContents(queries.builtin, queryFilters), undefined, customQueryIndices.length === 0 && packsWithVersion.length === 0)));
statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn;
}
const startTimeCustom = new Date().getTime();
let ranCustom = false;
for (const i of customQueryIndices) {
querySuitePaths.push((await runQueryGroup(language, `custom-${i}`, createQuerySuiteContents(queries.custom[i].queries, queryFilters), queries.custom[i].searchPath, i === customQueryIndices[customQueryIndices.length - 1] &&
packsWithVersion.length === 0)));
ranCustom = true;
}
if (packsWithVersion.length > 0) {
querySuitePaths.push(await runQueryPacks(language, "packs", packsWithVersion, queryFilters, true));
ranCustom = true;
}
if (ranCustom) {
statusReport[`analyze_custom_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeCustom;
}
logger.endGroup();
logger.startGroup(`Interpreting results for ${language}`);
startTimeInterpretResults = new Date();
const analysisSummary = await runInterpretResults(language, querySuitePaths, sarifFile, config.debugMode);
endTimeInterpretResults = new Date();
statusReport[`interpret_results_${language}_duration_ms`] =
endTimeInterpretResults.getTime() -
startTimeInterpretResults.getTime();
logger.endGroup();
logger.info(analysisSummary);
}
if (await features.getValue(feature_flags_1.Feature.QaTelemetryEnabled)) { if (await features.getValue(feature_flags_1.Feature.QaTelemetryEnabled)) {
const perQueryAlertCounts = getPerQueryAlertCounts(sarifFile, logger); const perQueryAlertCounts = getPerQueryAlertCounts(sarifFile, logger);
const perQueryAlertCountEventReport = { const perQueryAlertCountEventReport = {
@ -287,19 +226,6 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`); logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
return querySuitePath; return querySuitePath;
} }
async function runQueryPacks(language, type, packs, queryFilters, optimizeForLastQueryRun) {
const databasePath = util.getCodeQLDatabasePath(config, language);
for (const pack of packs) {
logger.debug(`Running query pack for ${language}-${type}: ${pack}`);
}
// combine the list of packs into a query suite in order to run them all simultaneously.
const querySuite = packs.map(convertPackToQuerySuiteEntry).concat(queryFilters);
const querySuitePath = `${databasePath}-queries-${type}.qls`;
fs.writeFileSync(querySuitePath, yaml.dump(querySuite));
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
await codeql.databaseRunQueries(databasePath, undefined, querySuitePath, queryFlags, optimizeForLastQueryRun, features);
return querySuitePath;
}
} }
exports.runQueries = runQueries; exports.runQueries = runQueries;
function convertPackToQuerySuiteEntry(packStr) { function convertPackToQuerySuiteEntry(packStr) {

2
lib/analyze.js.map
View file

File diff suppressed because one or more lines are too long

180
src/analyze.ts
View file

@ -241,133 +241,35 @@ export async function runQueries(
const queryFlags = [memoryFlag, threadsFlag]; const queryFlags = [memoryFlag, threadsFlag];
for (const language of config.languages) { for (const language of config.languages) {
const queries = config.queries[language];
const queryFilters = validateQueryFilters(
config.originalUserInput["query-filters"],
);
const packsWithVersion = config.packs[language] || [];
try { try {
const sarifFile = path.join(sarifFolder, `${language}.sarif`); const sarifFile = path.join(sarifFolder, `${language}.sarif`);
let startTimeInterpretResults: Date;
let endTimeInterpretResults: Date;
// TODO: will clean up in a future commit
// eslint-disable-next-line no-constant-condition
if (true) {
// If we are using the code scanning config in the CLI,
// much of the work needed to generate the query suites
// is done in the CLI. We just need to make a single
// call to run all the queries for each language and
// another to interpret the results.
logger.startGroup(`Running queries for ${language}`);
const startTimeBuiltIn = new Date().getTime();
await runQueryGroup(language, "all", undefined, undefined, true);
// TODO should not be using `builtin` here. We should be using `all` instead.
// The status report does not support `all` yet.
statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn;
logger.startGroup(`Interpreting results for ${language}`); // The work needed to generate the query suites
startTimeInterpretResults = new Date(); // is done in the CLI. We just need to make a single
const analysisSummary = await runInterpretResults( // call to run all the queries for each language and
language, // another to interpret the results.
undefined, logger.startGroup(`Running queries for ${language}`);
sarifFile, const startTimeBuiltIn = new Date().getTime();
config.debugMode, await runQueryGroup(language, "all", undefined, undefined, true);
); // TODO should not be using `builtin` here. We should be using `all` instead.
endTimeInterpretResults = new Date(); // The status report does not support `all` yet.
statusReport[`interpret_results_${language}_duration_ms`] = statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
endTimeInterpretResults.getTime() - new Date().getTime() - startTimeBuiltIn;
startTimeInterpretResults.getTime();
logger.endGroup();
logger.info(analysisSummary);
} else {
// config was generated by the action, so must be interpreted by the action.
const hasBuiltinQueries = queries?.builtin.length > 0; logger.startGroup(`Interpreting results for ${language}`);
const hasCustomQueries = queries?.custom.length > 0; const startTimeInterpretResults = new Date();
const hasPackWithCustomQueries = packsWithVersion.length > 0; const analysisSummary = await runInterpretResults(
language,
undefined,
sarifFile,
config.debugMode,
);
const endTimeInterpretResults = new Date();
statusReport[`interpret_results_${language}_duration_ms`] =
endTimeInterpretResults.getTime() - startTimeInterpretResults.getTime();
logger.endGroup();
logger.info(analysisSummary);
if (
!hasBuiltinQueries &&
!hasCustomQueries &&
!hasPackWithCustomQueries
) {
throw new UserError(
`Unable to analyze ${language} as no queries were selected for this language`,
);
}
const customQueryIndices: number[] = [];
for (let i = 0; i < queries.custom.length; ++i) {
if (queries.custom[i].queries.length > 0) {
customQueryIndices.push(i);
}
}
logger.startGroup(`Running queries for ${language}`);
const querySuitePaths: string[] = [];
if (queries.builtin.length > 0) {
const startTimeBuiltIn = new Date().getTime();
querySuitePaths.push(
(await runQueryGroup(
language,
"builtin",
createQuerySuiteContents(queries.builtin, queryFilters),
undefined,
customQueryIndices.length === 0 && packsWithVersion.length === 0,
)) as string,
);
statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn;
}
const startTimeCustom = new Date().getTime();
let ranCustom = false;
for (const i of customQueryIndices) {
querySuitePaths.push(
(await runQueryGroup(
language,
`custom-${i}`,
createQuerySuiteContents(queries.custom[i].queries, queryFilters),
queries.custom[i].searchPath,
i === customQueryIndices[customQueryIndices.length - 1] &&
packsWithVersion.length === 0,
)) as string,
);
ranCustom = true;
}
if (packsWithVersion.length > 0) {
querySuitePaths.push(
await runQueryPacks(
language,
"packs",
packsWithVersion,
queryFilters,
true,
),
);
ranCustom = true;
}
if (ranCustom) {
statusReport[`analyze_custom_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeCustom;
}
logger.endGroup();
logger.startGroup(`Interpreting results for ${language}`);
startTimeInterpretResults = new Date();
const analysisSummary = await runInterpretResults(
language,
querySuitePaths,
sarifFile,
config.debugMode,
);
endTimeInterpretResults = new Date();
statusReport[`interpret_results_${language}_duration_ms`] =
endTimeInterpretResults.getTime() -
startTimeInterpretResults.getTime();
logger.endGroup();
logger.info(analysisSummary);
}
if (await features.getValue(Feature.QaTelemetryEnabled)) { if (await features.getValue(Feature.QaTelemetryEnabled)) {
const perQueryAlertCounts = getPerQueryAlertCounts(sarifFile, logger); const perQueryAlertCounts = getPerQueryAlertCounts(sarifFile, logger);
@ -492,40 +394,6 @@ export async function runQueries(
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`); logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
return querySuitePath; return querySuitePath;
} }
async function runQueryPacks(
language: Language,
type: string,
packs: string[],
queryFilters: configUtils.QueryFilter[],
optimizeForLastQueryRun: boolean,
): Promise<string> {
const databasePath = util.getCodeQLDatabasePath(config, language);
for (const pack of packs) {
logger.debug(`Running query pack for ${language}-${type}: ${pack}`);
}
// combine the list of packs into a query suite in order to run them all simultaneously.
const querySuite = (
packs.map(convertPackToQuerySuiteEntry) as configUtils.QuerySuiteEntry[]
).concat(queryFilters);
const querySuitePath = `${databasePath}-queries-${type}.qls`;
fs.writeFileSync(querySuitePath, yaml.dump(querySuite));
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
await codeql.databaseRunQueries(
databasePath,
undefined,
querySuitePath,
queryFlags,
optimizeForLastQueryRun,
features,
);
return querySuitePath;
}
} }
export function convertPackToQuerySuiteEntry( export function convertPackToQuerySuiteEntry(