Add option `tools: linked` for `tools` input of init action. by NlightNFotis · Pull Request #2281 · github/codeql-action · GitHub


Add option tools: linked for tools input of init action. #2281


Merged
merged 8 commits into from
May 13, 2024
Add test for CodeQL version appearing in log.
NlightNFotis committed May 13, 2024
commit c92bbd4223e9d948ccebc7255839a23883d5ef02
8 changes: 4 additions & 4 deletions lib/setup-codeql.js
2 changes: 1 addition & 1 deletion lib/setup-codeql.js.map


45 changes: 28 additions & 17 deletions lib/setup-codeql.test.js


2 changes: 1 addition & 1 deletion lib/setup-codeql.test.js.map


63 changes: 41 additions & 22 deletions src/setup-codeql.test.ts
Expand Up @@ -98,53 +98,72 @@ test("getCodeQLSource sets CLI version for a semver tagged bundle", async (t) =>
});

test("getCodeQLSource correctly returns bundled CLI version when tools == linked", async (t) => {
const loggedMessages: LoggedMessage[] = [];
const logger = getRecordingLogger(loggedMessages);

await withTmpDir(async (tmpDir) => {
setupActionsVars(tmpDir, tmpDir);
const source = await setupCodeql.getCodeQLSource(
"linked",
SAMPLE_DEFAULT_CLI_VERSION,
SAMPLE_DOTCOM_API_DETAILS,
GitHubVariant.DOTCOM,
logger,
getRunnerLogger(true),
);

// Assert first that we got the right version of the CodeQL CLI,
// and that we're sourcing it using the correct method for that.
t.is(source.toolsVersion, LINKED_CLI_VERSION.cliVersion);
t.is(source.sourceType, "download");

// Ensure that we're adequately notifying the user of the version we're using.
const expected_message: LoggedMessage = {
type: "info",
message: `Using CodeQL CLI version: ${LINKED_CLI_VERSION.cliVersion} from download.`,
};

loggedMessages.forEach((msg) => {
console.log(msg.message);
});

t.assert(loggedMessages.includes(expected_message));
});
});

test("getCodeQLSource correctly returns bundled CLI version when tools == latest", async (t) => {
const loggedMessages = [];
const logger = getRecordingLogger(loggedMessages);

await withTmpDir(async (tmpDir) => {
setupActionsVars(tmpDir, tmpDir);
const source = await setupCodeql.getCodeQLSource(
"latest",
SAMPLE_DEFAULT_CLI_VERSION,
SAMPLE_DOTCOM_API_DETAILS,
GitHubVariant.DOTCOM,
logger,
getRunnerLogger(true),
);

t.is(source.toolsVersion, LINKED_CLI_VERSION.cliVersion);
t.is(source.sourceType, "download");
});
});

test("setupCodeQLBundle logs the CodeQL CLI version being used", async (t) => {
const loggedMessages: LoggedMessage[] = [];
const logger = getRecordingLogger(loggedMessages);

// Stub the downloadCodeQL function to prevent downloading artefacts
// during testing from being called.
sinon.stub(setupCodeql, "downloadCodeQL").resolves({
toolsVersion: LINKED_CLI_VERSION.cliVersion,
codeqlFolder: "codeql",
toolsDownloadDurationMs: 200,
});

await withTmpDir(async (tmpDir) => {
setupActionsVars(tmpDir, tmpDir);
const result = await setupCodeql.setupCodeQLBundle(
"linked",
SAMPLE_DOTCOM_API_DETAILS,
"tmp/codeql_action_test/",
GitHubVariant.DOTCOM,
SAMPLE_DEFAULT_CLI_VERSION,
logger,
);

// Basic sanity check that the version we got back is indeed
// the linked (default) CLI version.
t.is(result.toolsVersion, LINKED_CLI_VERSION.cliVersion);

const expected_message: LoggedMessage = {
type: "info",
message: `Using CodeQL CLI version ${LINKED_CLI_VERSION.cliVersion} from download.`,
};

// Ensure message logging CodeQL CLI version was present in user logs.
t.assert(
loggedMessages.some((msg) => msg.message === expected_message.message),
);
});
});
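Review bot: The `sinon.stub(setupCodeql, "downloadCodeQL")` in the new "setupCodeQLBundle logs the CodeQL CLI version being used" test is never restored inside the test. Unless a suite-level hook outside this hunk already calls `sinon.restore()`, the canned download result stays installed for later tests and can hide a broken real download path. Adding `t.teardown(() => sinon.restore());` right after the stub would keep it scoped to this test. The call also passes the hard-coded relative path `"tmp/codeql_action_test/"` in what appears to be the temp-directory argument, although `withTmpDir` already supplies `tmpDir`. Passing `tmpDir` would keep anything the function writes inside the directory that gets cleaned up.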
8 changes: 5 additions & 3 deletions src/setup-codeql.ts
Expand Up @@ -493,7 +493,7 @@ export async function tryGetFallbackToolcacheVersion(
return fallbackVersion;
}
< 10000 /td>
export async function downloadCodeQL(
export const downloadCodeQL = async function (
codeqlURL: string,
maybeBundleVersion: string | undefined,
maybeCliVersion: string | undefined,
Expand Down Expand Up @@ -614,7 +614,7 @@ export async function downloadCodeQL(
codeqlFolder: toolcachedBundlePath,
toolsDownloadDurationMs,
};
}
};

export function getCodeQLURLVersion(url: string): string {
const match = url.match(/\/codeql-bundle-(.*)\//);
Expand Down Expand Up @@ -692,7 +692,9 @@ export async function setupCodeQLBundle(
logger,
);

logger.info("Using CodeQL CLI version " + source.toolsVersion + " from " + source.sourceType + ".");
logger.info(
`Using CodeQL CLI version ${source.toolsVersion} from ${source.sourceType}.`,
);
Contributor
@henrymercer henrymercer May 9, 2024


There are a few routes where we don't actually know the CLI version at this point, for example if the tools were specified using a local path or if an old bundle URL was specified like https://github.com/github/codeql-action/releases/download/codeql-bundle-20230317/codeql-bundle-linux64.tar.gz. In both cases toolsVersion is a bit opaque (for the first case it will be local, for the second it will be 0.0.0-20230317), and I think we want to avoid showing this to users to avoid confusion.

What do you think about pushing this message into getCodeQLSource and returning more specific messages in each case, for instance:

  • Local could say something like "Using CodeQL CLI from local path $path"
  • Old bundle URL could say something like "Using CodeQL CLI from URL $url"
  • Cases where we know the CLI version could say what we have here "Using CodeQL CLI version $version from $source."

Member Author


Ah, I see - I wasn't aware that we actually can be in a position where we don't have all the information.

I was hoping that by putting the logging into the getCodeQLBundle, after getCodeQLSource has returned, that I could get away with logging at just one point, and at a time where the dust had settled and a decision on what/where to get codeql from had been made, instead of trying to chase the various return paths in getCodeQLSource.

I will revise the approach.


let codeqlFolder: string;
let toolsVersion = source.toolsVersion;
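Review bot: `downloadCodeQL` changes from a function declaration to `export const downloadCodeQL = async function (` with no comment saying why, and the reason is not obvious from the code. Judging from the new test's `sinon.stub(setupCodeql, "downloadCodeQL")`, the intent seems to be that calls made inside this module go through the exported binding so the stub takes effect, which depends on how the module is compiled. A comment above the declaration, e.g. `// Exported as a function expression so tests can stub it; do not convert back to a function declaration.`, would stop a later cleanup from silently making the test perform a real download. The function body lies outside the visible hunks.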