Add an integration test for packaging

Uses two pre-existing packages to run some simple queries on a javascript database.
github · aeisenberg · Jun 17, 2021 · Jun 3, 2021 · Jun 4, 2021 · Jun 4, 2021
commit d42f654f7ab2bd398e52ec88903fb2c4c62c17f1
@@ -82,6 +82,50 @@ jobs:
           exit 1
         fi
 
+  # Packaging test that runs against a javascript database
+  test-packaging-javascript:
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+        mv ../action/.github/workflows .github
+    - uses: ./../action/init
+      with:
+        db-location: "${{ runner.temp }}/customDbLocation"
+        config-file: ".github/codeql/codeql-config-packaging.yml"
+        languages: javascript
+        # TODO: this is temporary until we have a release that includes the latest packaging work.
+        tools: https://github.com/dsp-testing/aeisenberg-codeql-action-packaging/releases/download/codeql-bundle-20210606/codeql-bundle-linux64.tar.gz
+
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: "${{ runner.temp }}/results"
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript-custom.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+
   # Identify the CodeQL tool versions to integration test against.
   check-codeql-versions:
     needs: [check-js, check-node-modules]

@@ -799,7 +799,10 @@ function getCodeQLForCmd(cmd: string): CodeQL {
         const parsedOutput: PackDownloadOutput = JSON.parse(output);
         if (
           Array.isArray(parsedOutput.packs) &&
-          parsedOutput.packs.every((p) => p.name && p.version)
+          // TODO PackDownloadOutput will not include the version if it is not specified
+          // in the input. The version is always the latest version available.
+          // It should be added to the output, but this requires a CLI change
+          parsedOutput.packs.every((p) => p.name /* && p.version */)
         ) {
           return parsedOutput;
         } else {

@@ -20,7 +20,7 @@ test("ensure lines of code works for cpp and js", async (t) => {
 
   t.deepEqual(results, {
     cpp: 6,
-    javascript: 3,
+    javascript: 9,
   });
 });
 
@@ -34,7 +34,7 @@ test("ensure lines of code can handle undefined language", async (t) => {
   );
 
   t.deepEqual(results, {
-    javascript: 3,
+    javascript: 9,
     python: 5,
   });
 });
@@ -93,6 +93,6 @@ test("ensure lines of code can handle exclude", async (t) => {
   );
 
   t.deepEqual(results, {
-    javascript: 3,
+    javascript: 9,
   });
 });
@@ -0,0 +1,10 @@
+name: Pack testing in the CodeQL Action
+
+disable-default-queries: true
+packs:
+  javascript:
+    - dsp-testing/[email protected]
+    - dsp-testing/codeql-pack2 # latest
+paths-ignore:
+  - tests
+  - lib
@@ -1,3 +1,12 @@
 if (true) {
     console.log("Hello, World!");
+    console.log("Good-bye, World!");
+}
+
+if (true) {
+    console.log("Hello, World!");
+}
+
+if (true) {
+    // empty
 }