3708898bf2
This PR ensures environment variables are set before any invocation of the CLI. Here is a list of vars that are set: https://github.com/github/codeql-coreql-team/issues/1124#issuecomment-852463521 This ensures the CLI knows the features and versions of the containing actions/runner. Additionally: - Fix the user agent so that it more closely aligns with user agent spec - Refactor environment variable initialization so that it all happens in one place and call. - Move Mode, getRequiredEnvParam, setMode, getMode out of actions-util and into util. actions-util is meant for utils only called by the action, not the runner. The `prepareLocalRunEnvironment()` method is most likely deprecated and should be removed. I originally added it because I had a way of working where I would run the action from my local machine to test out changes, but this was always a little flaky. So, I no longer use this way of working. I will probably remove it soon.
313 lines
9.4 KiB
TypeScript
313 lines
9.4 KiB
TypeScript
import * as fs from "fs";
|
|
import * as os from "os";
|
|
import * as stream from "stream";
|
|
|
|
import * as github from "@actions/github";
|
|
import test, { ExecutionContext } from "ava";
|
|
import sinon from "sinon";
|
|
|
|
import * as api from "./api-client";
|
|
import { getRunnerLogger, Logger } from "./logging";
|
|
import { setupTests } from "./testing-utils";
|
|
import { initializeEnvironment, Mode } from "./util";
|
|
import * as util from "./util";
|
|
|
|
setupTests(test);
|
|
|
|
test("getToolNames", (t) => {
|
|
const input = fs.readFileSync(
|
|
`${__dirname}/../src/testdata/tool-names.sarif`,
|
|
"utf8"
|
|
);
|
|
const toolNames = util.getToolNames(input);
|
|
t.deepEqual(toolNames, ["CodeQL command-line toolchain", "ESLint"]);
|
|
});
|
|
|
|
test("getMemoryFlag() should return the correct --ram flag", (t) => {
|
|
const totalMem = Math.floor(os.totalmem() / (1024 * 1024));
|
|
const expectedThreshold = process.platform === "win32" ? 1536 : 1024;
|
|
|
|
const tests = [
|
|
[undefined, `--ram=${totalMem - expectedThreshold}`],
|
|
["", `--ram=${totalMem - expectedThreshold}`],
|
|
["512", "--ram=512"],
|
|
];
|
|
|
|
for (const [input, expectedFlag] of tests) {
|
|
const flag = util.getMemoryFlag(input);
|
|
t.deepEqual(flag, expectedFlag);
|
|
}
|
|
});
|
|
|
|
test("getMemoryFlag() throws if the ram input is < 0 or NaN", (t) => {
|
|
for (const input of ["-1", "hello!"]) {
|
|
t.throws(() => util.getMemoryFlag(input));
|
|
}
|
|
});
|
|
|
|
test("getAddSnippetsFlag() should return the correct flag", (t) => {
|
|
t.deepEqual(util.getAddSnippetsFlag(true), "--sarif-add-snippets");
|
|
t.deepEqual(util.getAddSnippetsFlag("true"), "--sarif-add-snippets");
|
|
|
|
t.deepEqual(util.getAddSnippetsFlag(false), "--no-sarif-add-snippets");
|
|
t.deepEqual(util.getAddSnippetsFlag(undefined), "--no-sarif-add-snippets");
|
|
t.deepEqual(util.getAddSnippetsFlag("false"), "--no-sarif-add-snippets");
|
|
t.deepEqual(util.getAddSnippetsFlag("foo bar"), "--no-sarif-add-snippets");
|
|
});
|
|
|
|
test("getThreadsFlag() should return the correct --threads flag", (t) => {
|
|
const numCpus = os.cpus().length;
|
|
|
|
const tests = [
|
|
["0", "--threads=0"],
|
|
["1", "--threads=1"],
|
|
[undefined, `--threads=${numCpus}`],
|
|
["", `--threads=${numCpus}`],
|
|
[`${numCpus + 1}`, `--threads=${numCpus}`],
|
|
[`${-numCpus - 1}`, `--threads=${-numCpus}`],
|
|
];
|
|
|
|
for (const [input, expectedFlag] of tests) {
|
|
const flag = util.getThreadsFlag(input, getRunnerLogger(true));
|
|
t.deepEqual(flag, expectedFlag);
|
|
}
|
|
});
|
|
|
|
test("getThreadsFlag() throws if the threads input is not an integer", (t) => {
|
|
t.throws(() => util.getThreadsFlag("hello!", getRunnerLogger(true)));
|
|
});
|
|
|
|
test("isLocalRun() runs correctly", (t) => {
|
|
initializeEnvironment(Mode.actions, "1.2.3");
|
|
|
|
process.env.CODEQL_LOCAL_RUN = "";
|
|
t.assert(!util.isLocalRun());
|
|
|
|
process.env.CODEQL_LOCAL_RUN = "false";
|
|
t.assert(!util.isLocalRun());
|
|
|
|
process.env.CODEQL_LOCAL_RUN = "0";
|
|
t.assert(!util.isLocalRun());
|
|
|
|
process.env.CODEQL_LOCAL_RUN = "true";
|
|
t.assert(util.isLocalRun());
|
|
|
|
process.env.CODEQL_LOCAL_RUN = "hucairz";
|
|
t.assert(util.isLocalRun());
|
|
|
|
initializeEnvironment(Mode.runner, "1.2.3");
|
|
t.assert(!util.isLocalRun());
|
|
});
|
|
|
|
test("getExtraOptionsEnvParam() succeeds on valid JSON with invalid options (for now)", (t) => {
|
|
const origExtraOptions = process.env.CODEQL_ACTION_EXTRA_OPTIONS;
|
|
|
|
const options = { foo: 42 };
|
|
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = JSON.stringify(options);
|
|
|
|
t.deepEqual(util.getExtraOptionsEnvParam(), <any>options);
|
|
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
|
|
});
|
|
|
|
test("getExtraOptionsEnvParam() succeeds on valid options", (t) => {
|
|
const origExtraOptions = process.env.CODEQL_ACTION_EXTRA_OPTIONS;
|
|
|
|
const options = { database: { init: ["--debug"] } };
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = JSON.stringify(options);
|
|
|
|
t.deepEqual(util.getExtraOptionsEnvParam(), options);
|
|
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
|
|
});
|
|
|
|
test("getExtraOptionsEnvParam() fails on invalid JSON", (t) => {
|
|
const origExtraOptions = process.env.CODEQL_ACTION_EXTRA_OPTIONS;
|
|
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = "{{invalid-json}}";
|
|
t.throws(util.getExtraOptionsEnvParam);
|
|
|
|
process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
|
|
});
|
|
|
|
test("parseGitHubUrl", (t) => {
|
|
t.deepEqual(util.parseGitHubUrl("github.com"), "https://github.com");
|
|
t.deepEqual(util.parseGitHubUrl("https://github.com"), "https://github.com");
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://api.github.com"),
|
|
"https://github.com"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.com/foo/bar"),
|
|
"https://github.com"
|
|
);
|
|
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("github.example.com"),
|
|
"https://github.example.com/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com"),
|
|
"https://github.example.com/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://api.github.example.com"),
|
|
"https://github.example.com/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com/api/v3"),
|
|
"https://github.example.com/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com:1234"),
|
|
"https://github.example.com:1234/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://api.github.example.com:1234"),
|
|
"https://github.example.com:1234/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com:1234/api/v3"),
|
|
"https://github.example.com:1234/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com/base/path"),
|
|
"https://github.example.com/base/path/"
|
|
);
|
|
t.deepEqual(
|
|
util.parseGitHubUrl("https://github.example.com/base/path/api/v3"),
|
|
"https://github.example.com/base/path/"
|
|
);
|
|
|
|
t.throws(() => util.parseGitHubUrl(""), {
|
|
message: '"" is not a valid URL',
|
|
});
|
|
t.throws(() => util.parseGitHubUrl("ssh://github.com"), {
|
|
message: '"ssh://github.com" is not a http or https URL',
|
|
});
|
|
t.throws(() => util.parseGitHubUrl("http:///::::433"), {
|
|
message: '"http:///::::433" is not a valid URL',
|
|
});
|
|
});
|
|
|
|
test("allowed API versions", async (t) => {
|
|
t.is(util.apiVersionInRange("1.33.0", "1.33", "2.0"), undefined);
|
|
t.is(util.apiVersionInRange("1.33.1", "1.33", "2.0"), undefined);
|
|
t.is(util.apiVersionInRange("1.34.0", "1.33", "2.0"), undefined);
|
|
t.is(util.apiVersionInRange("2.0.0", "1.33", "2.0"), undefined);
|
|
t.is(util.apiVersionInRange("2.0.1", "1.33", "2.0"), undefined);
|
|
t.is(
|
|
util.apiVersionInRange("1.32.0", "1.33", "2.0"),
|
|
util.DisallowedAPIVersionReason.ACTION_TOO_NEW
|
|
);
|
|
t.is(
|
|
util.apiVersionInRange("2.1.0", "1.33", "2.0"),
|
|
util.DisallowedAPIVersionReason.ACTION_TOO_OLD
|
|
);
|
|
});
|
|
|
|
function mockGetMetaVersionHeader(
|
|
versionHeader: string | undefined
|
|
): sinon.SinonStub<any, any> {
|
|
// Passing an auth token is required, so we just use a dummy value
|
|
const client = github.getOctokit("123");
|
|
const response = {
|
|
headers: {
|
|
"x-github-enterprise-version": versionHeader,
|
|
},
|
|
};
|
|
const spyGetContents = sinon
|
|
.stub(client.meta, "get")
|
|
.resolves(response as any);
|
|
sinon.stub(api, "getApiClient").value(() => client);
|
|
return spyGetContents;
|
|
}
|
|
|
|
test("getGitHubVersion", async (t) => {
|
|
const v = await util.getGitHubVersion({
|
|
auth: "",
|
|
url: "https://github.com",
|
|
});
|
|
t.deepEqual(util.GitHubVariant.DOTCOM, v.type);
|
|
|
|
mockGetMetaVersionHeader("2.0");
|
|
const v2 = await util.getGitHubVersion({
|
|
auth: "",
|
|
url: "https://ghe.example.com",
|
|
});
|
|
t.deepEqual({ type: util.GitHubVariant.GHES, version: "2.0" }, v2);
|
|
|
|
mockGetMetaVersionHeader("GitHub AE");
|
|
const ghae = await util.getGitHubVersion({
|
|
auth: "",
|
|
url: "https://example.githubenterprise.com",
|
|
});
|
|
t.deepEqual({ type: util.GitHubVariant.GHAE }, ghae);
|
|
|
|
mockGetMetaVersionHeader(undefined);
|
|
const v3 = await util.getGitHubVersion({
|
|
auth: "",
|
|
url: "https://ghe.example.com",
|
|
});
|
|
t.deepEqual({ type: util.GitHubVariant.DOTCOM }, v3);
|
|
});
|
|
|
|
test("getGitHubAuth", async (t) => {
|
|
const msgs: string[] = [];
|
|
const mockLogger = ({
|
|
warning: (msg: string) => msgs.push(msg),
|
|
} as unknown) as Logger;
|
|
|
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
t.throwsAsync(async () => util.getGitHubAuth(mockLogger, "abc", true));
|
|
|
|
process.env.GITHUB_TOKEN = "123";
|
|
t.is("123", await util.getGitHubAuth(mockLogger, undefined, undefined));
|
|
t.is(msgs.length, 0);
|
|
t.is("abc", await util.getGitHubAuth(mockLogger, "abc", undefined));
|
|
t.is(msgs.length, 1); // warning expected
|
|
|
|
msgs.length = 0;
|
|
await mockStdInForAuth(t, mockLogger, "def", "def");
|
|
await mockStdInForAuth(t, mockLogger, "def", "", "def");
|
|
await mockStdInForAuth(
|
|
t,
|
|
mockLogger,
|
|
"def",
|
|
"def\n some extra garbage",
|
|
"ghi"
|
|
);
|
|
await mockStdInForAuth(t, mockLogger, "defghi", "def", "ghi\n123");
|
|
|
|
await mockStdInForAuthExpectError(t, mockLogger, "");
|
|
await mockStdInForAuthExpectError(t, mockLogger, "", " ", "abc");
|
|
await mockStdInForAuthExpectError(
|
|
t,
|
|
mockLogger,
|
|
" def\n some extra garbage",
|
|
"ghi"
|
|
);
|
|
t.is(msgs.length, 0);
|
|
});
|
|
|
|
async function mockStdInForAuth(
|
|
t: ExecutionContext<any>,
|
|
mockLogger: Logger,
|
|
expected: string,
|
|
...text: string[]
|
|
) {
|
|
const stdin = stream.Readable.from(text) as any;
|
|
t.is(expected, await util.getGitHubAuth(mockLogger, undefined, true, stdin));
|
|
}
|
|
|
|
async function mockStdInForAuthExpectError(
|
|
t: ExecutionContext<unknown>,
|
|
mockLogger: Logger,
|
|
...text: string[]
|
|
) {
|
|
const stdin = stream.Readable.from(text) as any;
|
|
await t.throwsAsync(async () =>
|
|
util.getGitHubAuth(mockLogger, undefined, true, stdin)
|
|
);
|
|
}
|