Extract separate function for warnIfGoInstalledAfterInit
henrymercer committed Feb 7, 2024
commit db6e5fff065341ca19d3d8aff62ec335ea34a9d8
52 changes: 9 additions & 43 deletions src/analyze-action.ts
Expand Up @@ -3,7 +3,6 @@ import path from "path";
import { performance } from "perf_hooks";

import * as core from "@actions/core";
import { safeWhich } from "@chrisgavin/safe-which";

import * as actionsUtil from "./actions-util";
import {
Expand All @@ -13,13 +12,13 @@ import {
runCleanup,
runFinalize,
runQueries,
warnIfGoInstalledAfterInit,
} from "./analyze";
import { getApiDetails, getGitHubVersion } from "./api-client";
import { runAutobuild } from "./autobuild";
import { getCodeQL } from "./codeql";
import { Config, getConfig } from "./config-utils";
import { uploadDatabases } from "./database-upload";
import { addDiagnostic, makeDiagnostic } from "./diagnostics";
import { EnvVar } from "./environment";
import { Features } from "./feature-flags";
import { Language } from "./languages";
Expand Down Expand Up @@ -140,6 +139,12 @@ async function runAutobuildIfLegacyGoWorkflow(config: Config, logger: Logger) {
if (!config.languages.includes(Language.go)) {
return;
}
if (config.buildMode) {
logger.debug(
"Skipping legacy Go autobuild since a build mode has been specified.",
);
return;
}
if (process.env[EnvVar.DID_AUTOBUILD_GOLANG] === "true") {
logger.debug("Won't run Go autobuild since it has already been run.");
return;
Expand Down Expand Up @@ -234,46 +239,7 @@ async function run() {
logger,
);

// Check that `which go` still points at the same path it did when the `init` Action ran to ensure that no steps
// in-between performed any setup. We encourage users to perform all setup tasks before initializing CodeQL so that
// the setup tasks do not interfere with our analysis.
// Furthermore, if we installed a wrapper script in the `init` Action, we need to ensure that there isn't a step
// in the workflow after the `init` step which installs a different version of Go and takes precedence in the PATH,
// thus potentially circumventing our workaround that allows tracing to work.
const goInitPath = process.env[EnvVar.GO_BINARY_LOCATION];

if (
process.env[EnvVar.DID_AUTOBUILD_GOLANG] !== "true" &&
goInitPath !== undefined
) {
const goBinaryPath = await safeWhich("go");

if (goInitPath !== goBinaryPath) {
core.warning(
`Expected \`which go\` to return ${goInitPath}, but got ${goBinaryPath}: please ensure that the correct version of Go is installed before the \`codeql-action/init\` Action is used.`,
);

addDiagnostic(
config,
Language.go,
makeDiagnostic(
"go/workflow/go-installed-after-codeql-init",
"Go was installed after the `codeql-action/init` Action was run",
{
markdownMessage:
"To avoid interfering with the CodeQL analysis, perform all installation steps before calling the `github/codeql-action/init` Action.",
visibility: {
statusPage: true,
telemetry: true,
cliSummaryTable: true,
},
severity: "warning",
},
),
);
}
}

await warnIfGoInstalledAfterInit(config, logger);
await runAutobuildIfLegacyGoWorkflow(config, logger);

dbCreationTimings = await runFinalize(
Expand Down Expand Up @@ -337,7 +303,7 @@ async function run() {

// We don't upload results in test mode, so don't wait for processing
if (util.isInTestMode()) {
core.debug("In test mode. Waiting for processing is disabled.");
logger.debug("In test mode. Waiting for processing is disabled.");
} else if (
uploadResult !== undefined &&
actionsUtil.getRequiredInput("wait-for-processing") === "true"
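Review bot: The call `await warnIfGoInstalledAfterInit(config, logger);` in `run()` is not covered by the new `config.buildMode` early return, which sits only inside `runAutobuildIfLegacyGoWorkflow`, so the PATH check and its diagnostic still run when a build mode is specified. If the check only matters for the legacy traced Go build (the moved comment ties it to the tracing wrapper), it presumably should be skipped in the same case. If it is meant to apply regardless, the call site should say so, since the rationale comment left `run()` with this commit; a one-line comment such as `// Warns if a later step changed which go binary is first on PATH since init (can bypass the tracing wrapper).` above the call would do. Both `run()` and `runAutobuildIfLegacyGoWorkflow` start or end outside the visible hunks.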
48 changes: 48 additions & 0 deletions src/analyze.ts
Expand Up @@ -3,6 +3,7 @@ import * as path from "path";
import { performance } from "perf_hooks";

import * as toolrunner from "@actions/exec/lib/toolrunner";
import { safeWhich } from "@chrisgavin/safe-which";
import del from "del";
import * as yaml from "js-yaml";

Expand All @@ -12,6 +13,8 @@ import {
getCodeQL,
} from "./codeql";
import * as configUtils from "./config-utils";
import { addDiagnostic, makeDiagnostic } from "./diagnostics";
import { EnvVar } from "./environment";
import {
FeatureEnablement,
Feature,
Expand Down Expand Up @@ -419,6 +422,51 @@ export async function runFinalize(
return timings;
}

export async function warnIfGoInstalledAfterInit(
config: configUtils.Config,
logger: Logger,
) {
// Check that `which go` still points at the same path it did when the `init` Action ran to ensure that no steps
// in-between performed any setup. We encourage users to perform all setup tasks before initializing CodeQL so that
// the setup tasks do not interfere with our analysis.
// Furthermore, if we installed a wrapper script in the `init` Action, we need to ensure that there isn't a step
// in the workflow after the `init` step which installs a different version of Go and takes precedence in the PATH,
// thus potentially circumventing our workaround that allows tracing to work.
const goInitPath = process.env[EnvVar.GO_BINARY_LOCATION];

if (
process.env[EnvVar.DID_AUTOBUILD_GOLANG] !== "true" &&
goInitPath !== undefined
) {
const goBinaryPath = await safeWhich("go");

if (goInitPath !== goBinaryPath) {
logger.warning(
`Expected \`which go\` to return ${goInitPath}, but got ${goBinaryPath}: please ensure that the correct version of Go is installed before the \`codeql-action/init\` Action is used.`,
);

addDiagnostic(
config,
Language.go,
makeDiagnostic(
"go/workflow/go-installed-after-codeql-init",
"Go was installed after the `codeql-action/init` Action was run",
{
markdownMessage:
"To avoid interfering with the CodeQL analysis, perform all installation steps before calling the `github/codeql-action/init` Action.",
visibility: {
statusPage: true,
telemetry: true,
cliSummaryTable: true,
},
severity: "warning",
},
),
);
}
}
}

export async function runCleanup(
config: configUtils.Config,
cleanupLevel: string,
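Review bot: `await safeWhich("go")` in `warnIfGoInstalledAfterInit` has no error handling, so if the lookup rejects when `go` is no longer on PATH (as I believe `safeWhich` does), this advisory check fails the analyze step instead of emitting the warning. Something like `const goBinaryPath = await safeWhich("go").catch(() => undefined);` keeps it on the warning/diagnostic path. The `goInitPath !== goBinaryPath` test compares raw strings, so a symlinked or differently-cased path could raise the diagnostic without Go having changed; and since `GO_BINARY_LOCATION` is an environment variable that intermediate workflow steps can presumably alter, the check is a hint rather than a guarantee, which is worth saying in a TSDoc block on this now-exported function. An explicit `Promise<void>` return type would also fit the export.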