robojerk/codeql-action

Rename checkoutPath to either workspacePath or sourceRoot

Browse source
This commit is contained in:
Arthur Baars 2021-07-01 11:38:14 +02:00
parent 1137e7db3e
commit f94f1ed663
18 changed files with 100 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

41
lib/config-utils.js generated
View file

@ -114,10 +114,10 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, suiteName, c
/** /**
* Retrieve the set of queries at localQueryPath and add them to resultMap. * Retrieve the set of queries at localQueryPath and add them to resultMap.
*/ */
async function addLocalQueries(codeQL, resultMap, localQueryPath, checkoutPath, configFile) { async function addLocalQueries(codeQL, resultMap, localQueryPath, workspacePath, configFile) {
// Resolve the local path against the workspace so that when this is // Resolve the local path against the workspace so that when this is
// passed to codeql it resolves to exactly the path we expect it to resolve to. // passed to codeql it resolves to exactly the path we expect it to resolve to.
let absoluteQueryPath = path.join(checkoutPath, localQueryPath); let absoluteQueryPath = path.join(workspacePath, localQueryPath);
// Check the file exists // Check the file exists
if (!fs.existsSync(absoluteQueryPath)) { if (!fs.existsSync(absoluteQueryPath)) {
throw new Error(getLocalPathDoesNotExist(configFile, localQueryPath)); throw new Error(getLocalPathDoesNotExist(configFile, localQueryPath));
@ -125,10 +125,11 @@ async function addLocalQueries(codeQL, resultMap, localQueryPath, checkoutPath,
// Call this after checking file exists, because it'll fail if file doesn't exist // Call this after checking file exists, because it'll fail if file doesn't exist
absoluteQueryPath = fs.realpathSync(absoluteQueryPath); absoluteQueryPath = fs.realpathSync(absoluteQueryPath);
// Check the local path doesn't jump outside the repo using '..' or symlinks // Check the local path doesn't jump outside the repo using '..' or symlinks
if (!(absoluteQueryPath + path.sep).startsWith(fs.realpathSync(checkoutPath) + path.sep)) { if (!(absoluteQueryPath + path.sep).startsWith(fs.realpathSync(workspacePath) + path.sep)) {
throw new Error(getLocalPathOutsideOfRepository(configFile, localQueryPath)); throw new Error(getLocalPathOutsideOfRepository(configFile, localQueryPath));
} }
await runResolveQueries(codeQL, resultMap, [absoluteQueryPath], checkoutPath); const extraSearchPath = workspacePath;
await runResolveQueries(codeQL, resultMap, [absoluteQueryPath], extraSearchPath);
} }
/** /**
* Retrieve the set of queries at the referenced remote repo and add them to resultMap. * Retrieve the set of queries at the referenced remote repo and add them to resultMap.
@ -166,14 +167,14 @@ async function addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetail
* local paths starting with './', or references to remote repos, or * local paths starting with './', or references to remote repos, or
* a finite set of hardcoded terms for builtin suites. * a finite set of hardcoded terms for builtin suites.
*/ */
async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir, checkoutPath, apiDetails, logger, configFile) { async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir, workspacePath, apiDetails, logger, configFile) {
queryUses = queryUses.trim(); queryUses = queryUses.trim();
if (queryUses === "") { if (queryUses === "") {
throw new Error(getQueryUsesInvalid(configFile)); throw new Error(getQueryUsesInvalid(configFile));
} }
// Check for the local path case before we start trying to parse the repository name // Check for the local path case before we start trying to parse the repository name
if (queryUses.startsWith("./")) { if (queryUses.startsWith("./")) {
await addLocalQueries(codeQL, resultMap, queryUses.slice(2), checkoutPath, configFile); await addLocalQueries(codeQL, resultMap, queryUses.slice(2), workspacePath, configFile);
return; return;
} }
// Check for one of the builtin suites // Check for one of the builtin suites
@ -390,12 +391,12 @@ async function getLanguages(codeQL, languagesInput, repository, apiDetails, logg
} }
return parsedLanguages; return parsedLanguages;
} }
async function addQueriesFromWorkflow(codeQL, queriesInput, languages, resultMap, tempDir, checkoutPath, apiDetails, logger) { async function addQueriesFromWorkflow(codeQL, queriesInput, languages, resultMap, tempDir, workspacePath, apiDetails, logger) {
queriesInput = queriesInput.trim(); queriesInput = queriesInput.trim();
// "+" means "don't override config file" - see shouldAddConfigFileQueries // "+" means "don't override config file" - see shouldAddConfigFileQueries
queriesInput = queriesInput.replace(/^\+/, ""); queriesInput = queriesInput.replace(/^\+/, "");
for (const query of queriesInput.split(",")) { for (const query of queriesInput.split(",")) {
await parseQueryUses(languages, codeQL, resultMap, query, tempDir, checkoutPath, apiDetails, logger); await parseQueryUses(languages, codeQL, resultMap, query, tempDir, workspacePath, apiDetails, logger);
} }
} }
// Returns true if either no queries were provided in the workflow. // Returns true if either no queries were provided in the workflow.
@ -411,7 +412,7 @@ function shouldAddConfigFileQueries(queriesInput) {
/** /**
* Get the default config for when the user has not supplied one. * Get the default config for when the user has not supplied one.
*/ */
async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger) { async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
var _a; var _a;
const languages = await getLanguages(codeQL, languagesInput, repository, apiDetails, logger); const languages = await getLanguages(codeQL, languagesInput, repository, apiDetails, logger);
const queries = {}; const queries = {};
@ -423,7 +424,7 @@ async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLoca
} }
await addDefaultQueries(codeQL, languages, queries); await addDefaultQueries(codeQL, languages, queries);
if (queriesInput) { if (queriesInput) {
await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, apiDetails, logger); await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, workspacePath, apiDetails, logger);
} }
const packs = (_a = parsePacksFromInput(packsInput, languages), (_a !== null && _a !== void 0 ? _a : {})); const packs = (_a = parsePacksFromInput(packsInput, languages), (_a !== null && _a !== void 0 ? _a : {}));
return { return {
@ -444,13 +445,13 @@ exports.getDefaultConfig = getDefaultConfig;
/** /**
* Load the config from the given file. * Load the config from the given file.
*/ */
async function loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger) { async function loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
var _a; var _a;
let parsedYAML; let parsedYAML;
if (isLocal(configFile)) { if (isLocal(configFile)) {
// Treat the config file as relative to the workspace // Treat the config file as relative to the workspace
configFile = path.resolve(checkoutPath, configFile); configFile = path.resolve(workspacePath, configFile);
parsedYAML = getLocalConfig(configFile, checkoutPath); parsedYAML = getLocalConfig(configFile, workspacePath);
} }
else { else {
parsedYAML = await getRemoteConfig(configFile, apiDetails); parsedYAML = await getRemoteConfig(configFile, apiDetails);
@ -490,7 +491,7 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
// unless they're prefixed with "+", in which case they supplement those // unless they're prefixed with "+", in which case they supplement those
// in the config file. // in the config file.
if (queriesInput) { if (queriesInput) {
await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, apiDetails, logger); await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, workspacePath, apiDetails, logger);
} }
if (shouldAddConfigFileQueries(queriesInput) && if (shouldAddConfigFileQueries(queriesInput) &&
QUERIES_PROPERTY in parsedYAML) { QUERIES_PROPERTY in parsedYAML) {
@ -503,7 +504,7 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
typeof query[QUERIES_USES_PROPERTY] !== "string") { typeof query[QUERIES_USES_PROPERTY] !== "string") {
throw new Error(getQueryUsesInvalid(configFile)); throw new Error(getQueryUsesInvalid(configFile));
} }
await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, checkoutPath, apiDetails, logger, configFile); await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, workspacePath, apiDetails, logger, configFile);
} }
} }
if (PATHS_IGNORE_PROPERTY in parsedYAML) { if (PATHS_IGNORE_PROPERTY in parsedYAML) {
@ -668,16 +669,16 @@ function dbLocationOrDefault(dbLocation, tempDir) {
* This will parse the config from the user input if present, or generate * This will parse the config from the user input if present, or generate
* a default config. The parsed config is then stored to a known location. * a default config. The parsed config is then stored to a known location.
*/ */
async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger) { async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
var _a, _b, _c; var _a, _b, _c;
let config; let config;
// If no config file was provided create an empty one // If no config file was provided create an empty one
if (!configFile) { if (!configFile) {
logger.debug("No configuration file was provided"); logger.debug("No configuration file was provided");
config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger); config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
} }
else { else {
config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger); config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
} }
// The list of queries should not be empty for any language. If it is then // The list of queries should not be empty for any language. If it is then
// it is a user configuration error. // it is a user configuration error.
@ -702,9 +703,9 @@ function isLocal(configPath) {
} }
return configPath.indexOf("@") === -1; return configPath.indexOf("@") === -1;
} }
function getLocalConfig(configFile, checkoutPath) { function getLocalConfig(configFile, workspacePath) {
// Error if the config file is now outside of the workspace // Error if the config file is now outside of the workspace
if (!(configFile + path.sep).startsWith(checkoutPath + path.sep)) { if (!(configFile + path.sep).startsWith(workspacePath + path.sep)) {
throw new Error(getConfigFileOutsideWorkspaceErrorMessage(configFile)); throw new Error(getConfigFileOutsideWorkspaceErrorMessage(configFile));
} }
// Error if the file does not exist // Error if the file does not exist

2
lib/config-utils.js.map
View file

File diff suppressed because one or more lines are too long

8
lib/fingerprints.js generated
View file

@ -160,7 +160,7 @@ function locationUpdateCallback(result, location, logger) {
// the source file so we can hash it. // the source file so we can hash it.
// If possible returns a absolute file path for the source file, // If possible returns a absolute file path for the source file,
// or if not possible then returns undefined. // or if not possible then returns undefined.
function resolveUriToFile(location, artifacts, checkoutPath, logger) { function resolveUriToFile(location, artifacts, sourceRoot, logger) {
// This may be referencing an artifact // This may be referencing an artifact
if (!location.uri && location.index !== undefined) { if (!location.uri && location.index !== undefined) {
if (typeof location.index !== "number" || if (typeof location.index !== "number" ||
@ -188,7 +188,7 @@ function resolveUriToFile(location, artifacts, checkoutPath, logger) {
return undefined; return undefined;
} }
// Discard any absolute paths that aren't in the src root // Discard any absolute paths that aren't in the src root
const srcRootPrefix = `${checkoutPath}/`; const srcRootPrefix = `${sourceRoot}/`;
if (uri.startsWith("/") && !uri.startsWith(srcRootPrefix)) { if (uri.startsWith("/") && !uri.startsWith(srcRootPrefix)) {
logger.debug(`Ignoring location URI "${uri}" as it is outside of the src root`); logger.debug(`Ignoring location URI "${uri}" as it is outside of the src root`);
return undefined; return undefined;
@ -213,7 +213,7 @@ function resolveUriToFile(location, artifacts, checkoutPath, logger) {
exports.resolveUriToFile = resolveUriToFile; exports.resolveUriToFile = resolveUriToFile;
// Compute fingerprints for results in the given sarif file // Compute fingerprints for results in the given sarif file
// and return an updated sarif file contents. // and return an updated sarif file contents.
async function addFingerprints(sarifContents, checkoutPath, logger) { async function addFingerprints(sarifContents, sourceRoot, logger) {
var _a, _b, _c, _d, _e; var _a, _b, _c, _d, _e;
const sarif = JSON.parse(sarifContents); const sarif = JSON.parse(sarifContents);
// Gather together results for the same file and construct // Gather together results for the same file and construct
@ -233,7 +233,7 @@ async function addFingerprints(sarifContents, checkoutPath, logger) {
// Locations without a line number are unlikely to be source files // Locations without a line number are unlikely to be source files
continue; continue;
} }
const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts, checkoutPath, logger); const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts, sourceRoot, logger);
if (!filepath) { if (!filepath) {
continue; continue;
} }

2
lib/fingerprints.js.map
View file

File diff suppressed because one or more lines are too long

8
lib/fingerprints.test.js generated
View file

@ -167,8 +167,8 @@ ava_1.default("addFingerprints", async (t) => {
input = JSON.stringify(JSON.parse(input)); input = JSON.stringify(JSON.parse(input));
expected = JSON.stringify(JSON.parse(expected)); expected = JSON.stringify(JSON.parse(expected));
// The URIs in the SARIF files resolve to files in the testdata directory // The URIs in the SARIF files resolve to files in the testdata directory
const checkoutPath = path.normalize(`${__dirname}/../src/testdata`); const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
t.deepEqual(await fingerprints.addFingerprints(input, checkoutPath, logging_1.getRunnerLogger(true)), expected); t.deepEqual(await fingerprints.addFingerprints(input, sourceRoot, logging_1.getRunnerLogger(true)), expected);
}); });
ava_1.default("missingRegions", async (t) => { ava_1.default("missingRegions", async (t) => {
// Run an end-to-end test on a test file // Run an end-to-end test on a test file
@ -182,7 +182,7 @@ ava_1.default("missingRegions", async (t) => {
input = JSON.stringify(JSON.parse(input)); input = JSON.stringify(JSON.parse(input));
expected = JSON.stringify(JSON.parse(expected)); expected = JSON.stringify(JSON.parse(expected));
// The URIs in the SARIF files resolve to files in the testdata directory // The URIs in the SARIF files resolve to files in the testdata directory
const checkoutPath = path.normalize(`${__dirname}/../src/testdata`); const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
t.deepEqual(await fingerprints.addFingerprints(input, checkoutPath, logging_1.getRunnerLogger(true)), expected); t.deepEqual(await fingerprints.addFingerprints(input, sourceRoot, logging_1.getRunnerLogger(true)), expected);
}); });
//# sourceMappingURL=fingerprints.test.js.map //# sourceMappingURL=fingerprints.test.js.map

2
lib/fingerprints.test.js.map
View file

File diff suppressed because one or more lines are too long

4
lib/init.js generated
View file

@ -24,9 +24,9 @@ async function initCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant,
return { codeql, toolsVersion }; return { codeql, toolsVersion };
} }
exports.initCodeQL = initCodeQL; exports.initCodeQL = initCodeQL;
async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger) { async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
logger.startGroup("Load language configuration"); logger.startGroup("Load language configuration");
const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, checkoutPath, gitHubVersion, apiDetails, logger); const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
analysisPaths.printPathFiltersWarning(config, logger); analysisPaths.printPathFiltersWarning(config, logger);
logger.endGroup(); logger.endGroup();
return config; return config;

2
lib/init.js.map
View file

@ -1 +1 @@
{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA+C;AAC/C,4DAA8C;AAG9C,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,YAAoB,EACpB,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,oBAAW,CAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,OAAO,EACP,MAAM,CACP,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AApBD,gCAoBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,YAAoB,EACpB,aAAiC,EACjC,UAAoC,EACpC,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,YAAY,EACZ,aAAa,EACb,UAAU,EACV,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AAlCD,gCAkCC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB;IAElB,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,sEAAsE;IACtE,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,yBAAyB;QACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;KACH;IAED,OAAO,MAAM,uCAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAlBD,0BAkBC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAtCD,8CAsCC"} {"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA+C;AAC/C,4DAA8C;AAG9C,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,YAAoB,EACpB,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,oBAAW,CAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,OAAO,EACP,MAAM,CACP,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AApBD,gCAoBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AAlCD,gCAkCC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB;IAElB,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,sEAAsE;IACtE,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,yBAAyB;QACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;KACH;IAED,OAAO,MAAM,uCAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAlBD,0BAkBC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAtCD,8CAsCC"}

12
lib/runner.js generated
View file

@ -129,8 +129,10 @@ program
else { else {
codeql = (await init_1.initCodeQL(undefined, apiDetails, tempDir, toolsDir, gitHubVersion.type, logger)).codeql; codeql = (await init_1.initCodeQL(undefined, apiDetails, tempDir, toolsDir, gitHubVersion.type, logger)).codeql;
} }
const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, checkoutPath, gitHubVersion, apiDetails, logger); const workspacePath = checkoutPath;
const tracerConfig = await init_1.runInit(codeql, config, checkoutPath); const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, workspacePath, gitHubVersion, apiDetails, logger);
const sourceRoot = checkoutPath;
const tracerConfig = await init_1.runInit(codeql, config, sourceRoot);
if (tracerConfig === undefined) { if (tracerConfig === undefined) {
return; return;
} }
@ -251,7 +253,8 @@ program
logger.info("Not uploading results"); logger.info("Not uploading results");
return; return;
} }
await upload_lib.uploadFromRunner(outputDir, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), cmd.category, cmd.checkoutPath || process.cwd(), config.gitHubVersion, apiDetails, logger); const sourceRoot = cmd.checkoutPath || process.cwd();
await upload_lib.uploadFromRunner(outputDir, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), cmd.category, sourceRoot, config.gitHubVersion, apiDetails, logger);
} }
catch (e) { catch (e) {
logger.error("Analyze failed"); logger.error("Analyze failed");
@ -281,7 +284,8 @@ program
}; };
try { try {
const gitHubVersion = await util_1.getGitHubVersion(apiDetails); const gitHubVersion = await util_1.getGitHubVersion(apiDetails);
await upload_lib.uploadFromRunner(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), cmd.category, cmd.checkoutPath || process.cwd(), gitHubVersion, apiDetails, logger); const sourceRoot = cmd.checkoutPath || process.cwd();
await upload_lib.uploadFromRunner(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), cmd.category, sourceRoot, gitHubVersion, apiDetails, logger);
} }
catch (e) { catch (e) {
logger.error("Upload failed"); logger.error("Upload failed");

2
lib/runner.js.map
View file

File diff suppressed because one or more lines are too long

10
lib/upload-lib.js generated
View file

@ -122,8 +122,8 @@ exports.uploadFromActions = uploadFromActions;
// Uploads a single sarif file or a directory of sarif files // Uploads a single sarif file or a directory of sarif files
// depending on what the path happens to refer to. // depending on what the path happens to refer to.
// Returns true iff the upload occurred and succeeded // Returns true iff the upload occurred and succeeded
async function uploadFromRunner(sarifPath, repositoryNwo, commitOid, ref, category, checkoutPath, gitHubVersion, apiDetails, logger) { async function uploadFromRunner(sarifPath, repositoryNwo, commitOid, ref, category, sourceRoot, gitHubVersion, apiDetails, logger) {
return await uploadFiles(getSarifFilePaths(sarifPath), repositoryNwo, commitOid, ref, undefined, category, undefined, undefined, checkoutPath, undefined, gitHubVersion, apiDetails, logger); return await uploadFiles(getSarifFilePaths(sarifPath), repositoryNwo, commitOid, ref, undefined, category, undefined, undefined, sourceRoot, undefined, gitHubVersion, apiDetails, logger);
} }
exports.uploadFromRunner = uploadFromRunner; exports.uploadFromRunner = uploadFromRunner;
function getSarifFilePaths(sarifPath) { function getSarifFilePaths(sarifPath) {
@ -227,7 +227,7 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
exports.buildPayload = buildPayload; exports.buildPayload = buildPayload;
// Uploads the given set of sarif files. // Uploads the given set of sarif files.
// Returns true iff the upload occurred and succeeded // Returns true iff the upload occurred and succeeded
async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, category, analysisName, workflowRunID, checkoutPath, environment, gitHubVersion, apiDetails, logger) { async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, category, analysisName, workflowRunID, sourceRoot, environment, gitHubVersion, apiDetails, logger) {
logger.startGroup("Uploading results"); logger.startGroup("Uploading results");
logger.info(`Processing sarif files: ${JSON.stringify(sarifFiles)}`); logger.info(`Processing sarif files: ${JSON.stringify(sarifFiles)}`);
if (util.isActions()) { if (util.isActions()) {
@ -243,10 +243,10 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
validateSarifFileSchema(file, logger); validateSarifFileSchema(file, logger);
} }
let sarifPayload = combineSarifFiles(sarifFiles); let sarifPayload = combineSarifFiles(sarifFiles);
sarifPayload = await fingerprints.addFingerprints(sarifPayload, checkoutPath, logger); sarifPayload = await fingerprints.addFingerprints(sarifPayload, sourceRoot, logger);
sarifPayload = populateRunAutomationDetails(sarifPayload, category, analysisKey, environment); sarifPayload = populateRunAutomationDetails(sarifPayload, category, analysisKey, environment);
const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64"); const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = file_url_1.default(checkoutPath); const checkoutURI = file_url_1.default(sourceRoot);
const toolNames = util.getToolNames(sarifPayload); const toolNames = util.getToolNames(sarifPayload);
const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, gitHubVersion); const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, gitHubVersion);
// Log some useful debug info about the info // Log some useful debug info about the info

2
lib/upload-lib.js.map
View file

File diff suppressed because one or more lines are too long

47
src/config-utils.ts
View file

@ -276,12 +276,12 @@ async function addLocalQueries(
codeQL: CodeQL, codeQL: CodeQL,
resultMap: Queries, resultMap: Queries,
localQueryPath: string, localQueryPath: string,
checkoutPath: string, workspacePath: string,
configFile?: string configFile?: string
) { ) {
// Resolve the local path against the workspace so that when this is // Resolve the local path against the workspace so that when this is
// passed to codeql it resolves to exactly the path we expect it to resolve to. // passed to codeql it resolves to exactly the path we expect it to resolve to.
let absoluteQueryPath = path.join(checkoutPath, localQueryPath); let absoluteQueryPath = path.join(workspacePath, localQueryPath);
// Check the file exists // Check the file exists
if (!fs.existsSync(absoluteQueryPath)) { if (!fs.existsSync(absoluteQueryPath)) {
@ -294,7 +294,7 @@ async function addLocalQueries(
// Check the local path doesn't jump outside the repo using '..' or symlinks // Check the local path doesn't jump outside the repo using '..' or symlinks
if ( if (
!(absoluteQueryPath + path.sep).startsWith( !(absoluteQueryPath + path.sep).startsWith(
fs.realpathSync(checkoutPath) + path.sep fs.realpathSync(workspacePath) + path.sep
) )
) { ) {
throw new Error( throw new Error(
@ -302,7 +302,14 @@ async function addLocalQueries(
); );
} }
await runResolveQueries(codeQL, resultMap, [absoluteQueryPath], checkoutPath); const extraSearchPath = workspacePath;
await runResolveQueries(
codeQL,
resultMap,
[absoluteQueryPath],
extraSearchPath
);
} }
/** /**
@ -368,7 +375,7 @@ async function parseQueryUses(
resultMap: Queries, resultMap: Queries,
queryUses: string, queryUses: string,
tempDir: string, tempDir: string,
checkoutPath: string, workspacePath: string,
apiDetails: api.GitHubApiExternalRepoDetails, apiDetails: api.GitHubApiExternalRepoDetails,
logger: Logger, logger: Logger,
configFile?: string configFile?: string
@ -384,7 +391,7 @@ async function parseQueryUses(
codeQL, codeQL,
resultMap, resultMap,
queryUses.slice(2), queryUses.slice(2),
checkoutPath, workspacePath,
configFile configFile
); );
return; return;
@ -764,7 +771,7 @@ async function addQueriesFromWorkflow(
languages: string[], languages: string[],
resultMap: Queries, resultMap: Queries,
tempDir: string, tempDir: string,
checkoutPath: string, workspacePath: string,
apiDetails: api.GitHubApiExternalRepoDetails, apiDetails: api.GitHubApiExternalRepoDetails,
logger: Logger logger: Logger
) { ) {
@ -779,7 +786,7 @@ async function addQueriesFromWorkflow(
resultMap, resultMap,
query, query,
tempDir, tempDir,
checkoutPath, workspacePath,
apiDetails, apiDetails,
logger logger
); );
@ -810,7 +817,7 @@ export async function getDefaultConfig(
tempDir: string, tempDir: string,
toolCacheDir: string, toolCacheDir: string,
codeQL: CodeQL, codeQL: CodeQL,
checkoutPath: string, workspacePath: string,
gitHubVersion: GitHubVersion, gitHubVersion: GitHubVersion,
apiDetails: api.GitHubApiCombinedDetails, apiDetails: api.GitHubApiCombinedDetails,
logger: Logger logger: Logger
@ -837,7 +844,7 @@ export async function getDefaultConfig(
languages, languages,
queries, queries,
tempDir, tempDir,
checkoutPath, workspacePath,
apiDetails, apiDetails,
logger logger
); );
@ -873,7 +880,7 @@ async function loadConfig(
tempDir: string, tempDir: string,
toolCacheDir: string, toolCacheDir: string,
codeQL: CodeQL, codeQL: CodeQL,
checkoutPath: string, workspacePath: string,
gitHubVersion: GitHubVersion, gitHubVersion: GitHubVersion,
apiDetails: api.GitHubApiCombinedDetails, apiDetails: api.GitHubApiCombinedDetails,
logger: Logger logger: Logger
@ -882,8 +889,8 @@ async function loadConfig(
if (isLocal(configFile)) { if (isLocal(configFile)) {
// Treat the config file as relative to the workspace // Treat the config file as relative to the workspace
configFile = path.resolve(checkoutPath, configFile); configFile = path.resolve(workspacePath, configFile);
parsedYAML = getLocalConfig(configFile, checkoutPath); parsedYAML = getLocalConfig(configFile, workspacePath);
} else { } else {
parsedYAML = await getRemoteConfig(configFile, apiDetails); parsedYAML = await getRemoteConfig(configFile, apiDetails);
} }
@ -939,7 +946,7 @@ async function loadConfig(
languages, languages,
queries, queries,
tempDir, tempDir,
checkoutPath, workspacePath,
apiDetails, apiDetails,
logger logger
); );
@ -965,7 +972,7 @@ async function loadConfig(
queries, queries,
query[QUERIES_USES_PROPERTY], query[QUERIES_USES_PROPERTY],
tempDir, tempDir,
checkoutPath, workspacePath,
apiDetails, apiDetails,
logger, logger,
configFile configFile
@ -1198,7 +1205,7 @@ export async function initConfig(
tempDir: string, tempDir: string,
toolCacheDir: string, toolCacheDir: string,
codeQL: CodeQL, codeQL: CodeQL,
checkoutPath: string, workspacePath: string,
gitHubVersion: GitHubVersion, gitHubVersion: GitHubVersion,
apiDetails: api.GitHubApiCombinedDetails, apiDetails: api.GitHubApiCombinedDetails,
logger: Logger logger: Logger
@ -1217,7 +1224,7 @@ export async function initConfig(
tempDir, tempDir,
toolCacheDir, toolCacheDir,
codeQL, codeQL,
checkoutPath, workspacePath,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
logger logger
@ -1233,7 +1240,7 @@ export async function initConfig(
tempDir, tempDir,
toolCacheDir, toolCacheDir,
codeQL, codeQL,
checkoutPath, workspacePath,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
logger logger
@ -1268,9 +1275,9 @@ function isLocal(configPath: string): boolean {
return configPath.indexOf("@") === -1; return configPath.indexOf("@") === -1;
} }
function getLocalConfig(configFile: string, checkoutPath: string): UserConfig { function getLocalConfig(configFile: string, workspacePath: string): UserConfig {
// Error if the config file is now outside of the workspace // Error if the config file is now outside of the workspace
if (!(configFile + path.sep).startsWith(checkoutPath + path.sep)) { if (!(configFile + path.sep).startsWith(workspacePath + path.sep)) {
throw new Error(getConfigFileOutsideWorkspaceErrorMessage(configFile)); throw new Error(getConfigFileOutsideWorkspaceErrorMessage(configFile));
} }

8
src/fingerprints.test.ts
View file

@ -201,12 +201,12 @@ test("addFingerprints", async (t) => {
expected = JSON.stringify(JSON.parse(expected)); expected = JSON.stringify(JSON.parse(expected));
// The URIs in the SARIF files resolve to files in the testdata directory // The URIs in the SARIF files resolve to files in the testdata directory
const checkoutPath = path.normalize(`${__dirname}/../src/testdata`); const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
t.deepEqual( t.deepEqual(
await fingerprints.addFingerprints( await fingerprints.addFingerprints(
input, input,
checkoutPath, sourceRoot,
getRunnerLogger(true) getRunnerLogger(true)
), ),
expected expected
@ -227,12 +227,12 @@ test("missingRegions", async (t) => {
expected = JSON.stringify(JSON.parse(expected)); expected = JSON.stringify(JSON.parse(expected));
// The URIs in the SARIF files resolve to files in the testdata directory // The URIs in the SARIF files resolve to files in the testdata directory
const checkoutPath = path.normalize(`${__dirname}/../src/testdata`); const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
t.deepEqual( t.deepEqual(
await fingerprints.addFingerprints( await fingerprints.addFingerprints(
input, input,
checkoutPath, sourceRoot,
getRunnerLogger(true) getRunnerLogger(true)
), ),
expected expected

8
src/fingerprints.ts
View file

@ -177,7 +177,7 @@ function locationUpdateCallback(
export function resolveUriToFile( export function resolveUriToFile(
location: any, location: any,
artifacts: any[], artifacts: any[],
checkoutPath: string, sourceRoot: string,
logger: Logger logger: Logger
): string | undefined { ): string | undefined {
// This may be referencing an artifact // This may be referencing an artifact
@ -214,7 +214,7 @@ export function resolveUriToFile(
} }
// Discard any absolute paths that aren't in the src root // Discard any absolute paths that aren't in the src root
const srcRootPrefix = `${checkoutPath}/`; const srcRootPrefix = `${sourceRoot}/`;
if (uri.startsWith("/") && !uri.startsWith(srcRootPrefix)) { if (uri.startsWith("/") && !uri.startsWith(srcRootPrefix)) {
logger.debug( logger.debug(
`Ignoring location URI "${uri}" as it is outside of the src root` `Ignoring location URI "${uri}" as it is outside of the src root`
@ -247,7 +247,7 @@ export function resolveUriToFile(
// and return an updated sarif file contents. // and return an updated sarif file contents.
export async function addFingerprints( export async function addFingerprints(
sarifContents: string, sarifContents: string,
checkoutPath: string, sourceRoot: string,
logger: Logger logger: Logger
): Promise<string> { ): Promise<string> {
const sarif = JSON.parse(sarifContents); const sarif = JSON.parse(sarifContents);
@ -279,7 +279,7 @@ export async function addFingerprints(
const filepath = resolveUriToFile( const filepath = resolveUriToFile(
primaryLocation.physicalLocation.artifactLocation, primaryLocation.physicalLocation.artifactLocation,
artifacts, artifacts,
checkoutPath, sourceRoot,
logger logger
); );
if (!filepath) { if (!filepath) {

4
src/init.ts
View file

@ -45,7 +45,7 @@ export async function initConfig(
tempDir: string, tempDir: string,
toolCacheDir: string, toolCacheDir: string,
codeQL: CodeQL, codeQL: CodeQL,
checkoutPath: string, workspacePath: string,
gitHubVersion: util.GitHubVersion, gitHubVersion: util.GitHubVersion,
apiDetails: GitHubApiCombinedDetails, apiDetails: GitHubApiCombinedDetails,
logger: Logger logger: Logger
@ -61,7 +61,7 @@ export async function initConfig(
tempDir, tempDir,
toolCacheDir, toolCacheDir,
codeQL, codeQL,
checkoutPath, workspacePath,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
logger logger

14
src/runner.ts
View file

@ -208,7 +208,7 @@ program
) )
).codeql; ).codeql;
} }
const workspacePath = checkoutPath;
const config = await initConfig( const config = await initConfig(
cmd.languages, cmd.languages,
cmd.queries, cmd.queries,
@ -219,13 +219,14 @@ program
tempDir, tempDir,
toolsDir, toolsDir,
codeql, codeql,
checkoutPath, workspacePath,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
logger logger
); );
const tracerConfig = await runInit(codeql, config, checkoutPath); const sourceRoot = checkoutPath;
const tracerConfig = await runInit(codeql, config, sourceRoot);
if (tracerConfig === undefined) { if (tracerConfig === undefined) {
return; return;
} }
@ -448,14 +449,14 @@ program
logger.info("Not uploading results"); logger.info("Not uploading results");
return; return;
} }
const sourceRoot = cmd.checkoutPath || process.cwd();
await upload_lib.uploadFromRunner( await upload_lib.uploadFromRunner(
outputDir, outputDir,
parseRepositoryNwo(cmd.repository), parseRepositoryNwo(cmd.repository),
cmd.commit, cmd.commit,
parseRef(cmd.ref), parseRef(cmd.ref),
cmd.category, cmd.category,
cmd.checkoutPath || process.cwd(), sourceRoot,
config.gitHubVersion, config.gitHubVersion,
apiDetails, apiDetails,
logger logger
@ -526,13 +527,14 @@ program
}; };
try { try {
const gitHubVersion = await getGitHubVersion(apiDetails); const gitHubVersion = await getGitHubVersion(apiDetails);
const sourceRoot = cmd.checkoutPath || process.cwd();
await upload_lib.uploadFromRunner( await upload_lib.uploadFromRunner(
cmd.sarifFile, cmd.sarifFile,
parseRepositoryNwo(cmd.repository), parseRepositoryNwo(cmd.repository),
cmd.commit, cmd.commit,
parseRef(cmd.ref), parseRef(cmd.ref),
cmd.category, cmd.category,
cmd.checkoutPath || process.cwd(), sourceRoot,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
logger logger

10
src/upload-lib.ts
View file

@ -174,7 +174,7 @@ export async function uploadFromRunner(
commitOid: string, commitOid: string,
ref: string, ref: string,
category: string | undefined, category: string | undefined,
checkoutPath: string, sourceRoot: string,
gitHubVersion: util.GitHubVersion, gitHubVersion: util.GitHubVersion,
apiDetails: api.GitHubApiDetails, apiDetails: api.GitHubApiDetails,
logger: Logger logger: Logger
@ -188,7 +188,7 @@ export async function uploadFromRunner(
category, category,
undefined, undefined,
undefined, undefined,
checkoutPath, sourceRoot,
undefined, undefined,
gitHubVersion, gitHubVersion,
apiDetails, apiDetails,
@ -330,7 +330,7 @@ async function uploadFiles(
category: string | undefined, category: string | undefined,
analysisName: string | undefined, analysisName: string | undefined,
workflowRunID: number | undefined, workflowRunID: number | undefined,
checkoutPath: string, sourceRoot: string,
environment: string | undefined, environment: string | undefined,
gitHubVersion: util.GitHubVersion, gitHubVersion: util.GitHubVersion,
apiDetails: api.GitHubApiDetails, apiDetails: api.GitHubApiDetails,
@ -358,7 +358,7 @@ async function uploadFiles(
let sarifPayload = combineSarifFiles(sarifFiles); let sarifPayload = combineSarifFiles(sarifFiles);
sarifPayload = await fingerprints.addFingerprints( sarifPayload = await fingerprints.addFingerprints(
sarifPayload, sarifPayload,
checkoutPath, sourceRoot,
logger logger
); );
sarifPayload = populateRunAutomationDetails( sarifPayload = populateRunAutomationDetails(
@ -369,7 +369,7 @@ async function uploadFiles(
); );
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64"); const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
const checkoutURI = fileUrl(checkoutPath); const checkoutURI = fileUrl(sourceRoot);
const toolNames = util.getToolNames(sarifPayload); const toolNames = util.getToolNames(sarifPayload);