robojerk/codeql-action

Merge pull request #1632 from github/aeisenberg/codeql-testing-org

Browse source 
Move to the codeql-testing org
This commit is contained in:
Andrew Eisenberg 2023-04-04 14:38:19 -07:00 committed by GitHub
commit fa7cce4d4b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 61 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

8
.github/workflows/__init-with-registries.yml generated vendored
View file

@ -69,8 +69,8 @@ jobs:
- name: Verify packages installed - name: Verify packages installed
shell: bash shell: bash
run: | run: |
PRIVATE_PACK="$HOME/.codeql/packages/dsp-testing/private-pack" PRIVATE_PACK="$HOME/.codeql/packages/codeql-testing/private-pack"
CODEQL_PACK1="$HOME/.codeql/packages/dsp-testing/codeql-pack1" CODEQL_PACK1="$HOME/.codeql/packages/codeql-testing/codeql-pack1"
if [[ -d $PRIVATE_PACK ]] if [[ -d $PRIVATE_PACK ]]
then then
@ -117,5 +117,9 @@ jobs:
cat $QLCONFIG_PATH cat $QLCONFIG_PATH
exit 1 exit 1
fi fi
permissions:
contents: read
packages: read
env: env:
CODEQL_ACTION_TEST_MODE: true CODEQL_ACTION_TEST_MODE: true

2
.github/workflows/__packaging-codescanning-config-inputs-js.yml generated vendored
View file

@ -57,7 +57,7 @@ jobs:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: .github/codeql/codeql-config-packaging3.yml config-file: .github/codeql/codeql-config-packaging3.yml
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

2
.github/workflows/__packaging-config-inputs-js.yml generated vendored
View file

@ -57,7 +57,7 @@ jobs:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: .github/codeql/codeql-config-packaging3.yml config-file: .github/codeql/codeql-config-packaging3.yml
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

2
.github/workflows/__packaging-inputs-js.yml generated vendored
View file

@ -58,7 +58,7 @@ jobs:
with: with:
config-file: .github/codeql/codeql-config-packaging2.yml config-file: .github/codeql/codeql-config-packaging2.yml
languages: javascript languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2, dsp-testing/codeql-pack3:other-query.ql packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2, codeql-testing/codeql-pack3:other-query.ql
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code
shell: bash shell: bash

2
.github/workflows/__split-workflow.yml generated vendored
View file

@ -51,7 +51,7 @@ jobs:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: .github/codeql/codeql-config-packaging3.yml config-file: .github/codeql/codeql-config-packaging3.yml
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

18
.github/workflows/codescanning-config-cli.yml vendored
View file

@ -64,10 +64,10 @@ jobs:
with: with:
expected-config-file-contents: | expected-config-file-contents: |
{ {
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ] "packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
} }
languages: javascript languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2 packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Packs from input with + - name: Packs from input with +
@ -76,10 +76,10 @@ jobs:
with: with:
expected-config-file-contents: | expected-config-file-contents: |
{ {
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ] "packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
} }
languages: javascript languages: javascript
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2 packs: + codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries from input - name: Queries from input
@ -113,11 +113,11 @@ jobs:
expected-config-file-contents: | expected-config-file-contents: |
{ {
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }], "queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }],
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ] "packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
} }
languages: javascript languages: javascript
queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2 packs: + codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries and packs from config - name: Queries and packs from config
@ -128,7 +128,7 @@ jobs:
{ {
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" }], "queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" }],
"packs": { "packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ] "javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
} }
} }
languages: javascript languages: javascript
@ -161,7 +161,7 @@ jobs:
{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" } { "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }
], ],
"packs": { "packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2", "codeql/javascript-queries" ] "javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2", "codeql/javascript-queries" ]
} }
} }
languages: javascript languages: javascript
@ -177,7 +177,7 @@ jobs:
expected-config-file-contents: | expected-config-file-contents: |
{ {
"packs": { "packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ], "javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ],
"ruby": ["codeql/ruby-queries"] "ruby": ["codeql/ruby-queries"]
}, },
"queries": [ "queries": [

4
lib/codeql.test.js generated
View file

@ -382,11 +382,11 @@ for (const isBundleVersionInUrl of [true, false]) {
tagName: "codeql-bundle-20230203", tagName: "codeql-bundle-20230203",
}); });
mockDownloadApi({ mockDownloadApi({
repo: "dsp-testing/codeql-cli-nightlies", repo: "codeql-testing/codeql-cli-nightlies",
platformSpecific: false, platformSpecific: false,
tagName: "codeql-bundle-20230203", tagName: "codeql-bundle-20230203",
}); });
const result = await codeql.setupCodeQL("https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false); const result = await codeql.setupCodeQL("https://github.com/codeql-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
t.is(result.toolsVersion, "0.0.0-20230203"); t.is(result.toolsVersion, "0.0.0-20230203");
t.is(result.toolsSource, init_1.ToolsSource.Download); t.is(result.toolsSource, init_1.ToolsSource.Download);
t.true(Number.isInteger(result.toolsDownloadDurationMs)); t.true(Number.isInteger(result.toolsDownloadDurationMs));

2
lib/codeql.test.js.map
View file

File diff suppressed because one or more lines are too long

10
lib/config-utils.test.js generated
View file

@ -1134,7 +1134,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
{ {
// no slash // no slash
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -1200,7 +1200,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -1227,7 +1227,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
// missing url property // missing url property
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -1252,7 +1252,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
{ {
// no slash // no slash
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
]); ]);
@ -1283,7 +1283,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
]); ]);

2
lib/config-utils.test.js.map
View file

File diff suppressed because one or more lines are too long

8
pr-checks/checks/init-with-registries.yml
View file

@ -11,6 +11,10 @@ versions: [
"nightly-latest", "nightly-latest",
] ]
permissions:
contents: read
packages: read
steps: steps:
- name: Init with registries - name: Init with registries
uses: ./../action/init uses: ./../action/init
@ -27,8 +31,8 @@ steps:
- name: Verify packages installed - name: Verify packages installed
shell: bash shell: bash
run: | run: |
PRIVATE_PACK="$HOME/.codeql/packages/dsp-testing/private-pack" PRIVATE_PACK="$HOME/.codeql/packages/codeql-testing/private-pack"
CODEQL_PACK1="$HOME/.codeql/packages/dsp-testing/codeql-pack1" CODEQL_PACK1="$HOME/.codeql/packages/codeql-testing/codeql-pack1"
if [[ -d $PRIVATE_PACK ]] if [[ -d $PRIVATE_PACK ]]
then then

2
pr-checks/checks/packaging-codescanning-config-inputs-js.yml
View file

@ -9,7 +9,7 @@ steps:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: ".github/codeql/codeql-config-packaging3.yml" config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

2
pr-checks/checks/packaging-config-inputs-js.yml
View file

@ -5,7 +5,7 @@ steps:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: ".github/codeql/codeql-config-packaging3.yml" config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

2
pr-checks/checks/packaging-inputs-js.yml
View file

@ -6,7 +6,7 @@ steps:
with: with:
config-file: ".github/codeql/codeql-config-packaging2.yml" config-file: ".github/codeql/codeql-config-packaging2.yml"
languages: javascript languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2, dsp-testing/codeql-pack3:other-query.ql packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2, codeql-testing/codeql-pack3:other-query.ql
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code
shell: bash shell: bash

2
pr-checks/checks/split-workflow.yml
View file

@ -6,7 +6,7 @@ steps:
- uses: ./../action/init - uses: ./../action/init
with: with:
config-file: ".github/codeql/codeql-config-packaging3.yml" config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0 packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code

4
pr-checks/sync.py
View file

@ -107,8 +107,10 @@ for file in os.listdir('checks'):
'name': checkSpecification['name'], 'name': checkSpecification['name'],
'timeout-minutes': 45, 'timeout-minutes': 45,
'runs-on': '${{ matrix.os }}', 'runs-on': '${{ matrix.os }}',
'steps': steps 'steps': steps,
} }
if 'permissions' in checkSpecification:
checkJob['permissions'] = checkSpecification['permissions']
for key in ["env", "container", "services"]: for key in ["env", "container", "services"]:
if key in checkSpecification: if key in checkSpecification:

4
src/codeql.test.ts
View file

@ -554,13 +554,13 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t)
tagName: "codeql-bundle-20230203", tagName: "codeql-bundle-20230203",
}); });
mockDownloadApi({ mockDownloadApi({
repo: "dsp-testing/codeql-cli-nightlies", repo: "codeql-testing/codeql-cli-nightlies",
platformSpecific: false, platformSpecific: false,
tagName: "codeql-bundle-20230203", tagName: "codeql-bundle-20230203",
}); });
const result = await codeql.setupCodeQL( const result = await codeql.setupCodeQL(
"https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz", "https://github.com/codeql-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz",
sampleApiDetails, sampleApiDetails,
tmpDir, tmpDir,
util.GitHubVariant.DOTCOM, util.GitHubVariant.DOTCOM,

10
src/config-utils.test.ts
View file

@ -2307,7 +2307,7 @@ test("downloadPacks-with-registries", async (t) => {
{ {
// no slash // no slash
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -2397,7 +2397,7 @@ test("downloadPacks-with-registries fails on 2.10.3", async (t) => {
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -2439,7 +2439,7 @@ test("downloadPacks-with-registries fails with invalid registries block", async
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
// missing url property // missing url property
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
{ {
@ -2478,7 +2478,7 @@ test("no generateRegistries when CLI is too old", async (t) => {
{ {
// no slash // no slash
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
]); ]);
@ -2527,7 +2527,7 @@ test("generateRegistries prefers original CODEQL_REGISTRIES_AUTH", async (t) =>
const registriesInput = yaml.dump([ const registriesInput = yaml.dump([
{ {
url: "http://ghcr.io", url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"], packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token", token: "not-a-token",
}, },
]); ]);

6
tests/multi-language-repo/.github/codeql/codeql-config-packaging.yml vendored
View file

@ -3,9 +3,9 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true disable-default-queries: true
packs: packs:
javascript: javascript:
- dsp-testing/codeql-pack1@1.0.0 - codeql-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2 - codeql-testing/codeql-pack2
- dsp-testing/codeql-pack3:other-query.ql - codeql-testing/codeql-pack3:other-query.ql
paths-ignore: paths-ignore:
- tests - tests

4
tests/multi-language-repo/.github/codeql/codeql-config-packaging3.yml vendored
View file

@ -3,8 +3,8 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true disable-default-queries: true
packs: packs:
javascript: javascript:
- dsp-testing/codeql-pack2 - codeql-testing/codeql-pack2
- dsp-testing/codeql-pack3:other-query.ql - codeql-testing/codeql-pack3:other-query.ql
paths-ignore: paths-ignore:
- tests - tests
- lib - lib

2
tests/multi-language-repo/.github/codeql/codeql-config-query-filters2.yml vendored
View file

@ -5,7 +5,7 @@ disable-default-queries: true
packs: packs:
javascript: javascript:
- codeql/javascript-queries - codeql/javascript-queries
- dsp-testing/codeql-pack1@1.0.0 - codeql-testing/codeql-pack1@1.0.0
query-filters: query-filters:
# This should run js/path-injection and js/zipslip # This should run js/path-injection and js/zipslip

2
tests/multi-language-repo/.github/codeql/codeql-config-query-filters3.yml vendored
View file

@ -15,7 +15,7 @@ queries:
packs: packs:
javascript: javascript:
- codeql/javascript-queries - codeql/javascript-queries
- dsp-testing/codeql-pack1@1.0.0 - codeql-testing/codeql-pack1@1.0.0
query-filters: query-filters:
# This should run js/path-injection and js/zipslip # This should run js/path-injection and js/zipslip

4
tests/multi-language-repo/.github/codeql/codeql-config-registries.yml vendored
View file

@ -3,5 +3,5 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true disable-default-queries: true
packs: packs:
javascript: javascript:
- dsp-testing/private-pack - codeql-testing/private-pack
- dsp-testing/codeql-pack1 - codeql-testing/codeql-pack1

4
tests/multi-language-repo/.github/codeql/multi-language-packs-config.yml vendored
View file

@ -1,7 +1,7 @@
packs: packs:
javascript: javascript:
- dsp-testing/codeql-pack1@1.0.0 - codeql-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2 - codeql-testing/codeql-pack2
ruby: ruby:
- codeql/ruby-queries - codeql/ruby-queries

4
tests/multi-language-repo/.github/codeql/queries-and-packs-config.yml vendored
View file

@ -1,7 +1,7 @@
packs: packs:
javascript: javascript:
- dsp-testing/codeql-pack1@1.0.0 - codeql-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2 - codeql-testing/codeql-pack2
queries: queries:
- uses: ./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql - uses: ./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql