actions/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action synced 2026-05-23 20:00:54 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
c6ff11c1c4ec49d56db8b7c807c5b439c5889dea
codeql-action/lib/codeql.test.js
T

689 lines
30 KiB
JavaScript
Raw Normal View History

Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
"use strict";
Rebuild after TypeScript version bump
2021-07-27 17:59:59 +01:00
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Upgrade TypeScript to 9.2.0
2023-01-18 20:00:33 +00:00
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
Rebuild after TypeScript version bump
2021-07-27 17:59:59 +01:00
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
Rebuild after TypeScript version bump
2021-07-27 17:59:59 +01:00
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
Implement unit tests for reading the Lua tracer FF in analyze-action.
2022-06-27 16:01:48 +00:00
exports.stubToolRunnerConstructor = void 0;
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const fs = __importStar(require("fs"));
Move CodeQL setup to its own file
2023-01-09 14:53:52 +00:00
const path_1 = __importDefault(require("path"));
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
const toolcache = __importStar(require("@actions/tool-cache"));
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
const safeWhich = __importStar(require("@chrisgavin/safe-which"));
Resolve violations of sort-imports lint
2020-09-29 14:43:37 +01:00
const ava_1 = __importDefault(require("ava"));
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const del_1 = __importDefault(require("del"));
const yaml = __importStar(require("js-yaml"));
Switching to import/order instead of sort-imports
2020-10-01 11:03:30 +01:00
const nock_1 = __importDefault(require("nock"));
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
const sinon = __importStar(require("sinon"));
Remove fallback logic for GHES 2.22 when determining Action repository
2022-11-23 18:19:25 +00:00
const actionsUtil = __importStar(require("./actions-util"));
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
const api = __importStar(require("./api-client"));
Switching to import/order instead of sort-imports
2020-10-01 11:03:30 +01:00
const codeql = __importStar(require("./codeql"));
const defaults = __importStar(require("./defaults.json"));
Add tests for the Lua feature flag.
2022-05-09 12:02:19 +00:00
const feature_flags_1 = require("./feature-flags");
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
const init_1 = require("./init");
Add tests for the Lua feature flag.
2022-05-09 12:02:19 +00:00
const languages_1 = require("./languages");
Convert rest of the actions
2020-08-25 16:19:15 +01:00
const logging_1 = require("./logging");
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
const testing_utils_1 = require("./testing-utils");
Switching to import/order instead of sort-imports
2020-10-01 11:03:30 +01:00
const util = __importStar(require("./util"));
Add environment variables to signal feature and version to the CLI
2021-06-01 14:49:07 -07:00
const util_1 = require("./util");
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, testing_utils_1.setupTests)(ava_1.default);
Introduce parameter object for API params that travel together
2020-11-23 14:18:05 +00:00
const sampleApiDetails = {
auth: "token",
Fix tests
2020-11-24 11:10:25 +00:00
url: "https://github.com",
Fix GHAE CodeQL setup test
2023-01-10 12:58:15 +00:00
apiURL: "https://api.github.com",
Introduce parameter object for API params that travel together
2020-11-23 14:18:05 +00:00
};
When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first.
2021-03-07 09:27:19 +00:00
const sampleGHAEApiDetails = {
auth: "token",
url: "https://example.githubenterprise.com",
Fix GHAE CodeQL setup test
2023-01-10 12:58:15 +00:00
apiURL: "https://example.githubenterprise.com/api/v3",
When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first.
2021-03-07 09:27:19 +00:00
};
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const SAMPLE_DEFAULT_CLI_VERSION = {
cliVersion: "2.0.0",
variant: util.GitHubVariant.DOTCOM,
};
Add packs and queries from input
2022-06-19 16:44:24 -07:00
let stubConfig;
Send the version and mode with the user agent
2021-05-20 15:20:32 -07:00
ava_1.default.beforeEach(() => {
Remove concept of Actions / runner mode
2022-11-14 16:37:48 +00:00
(0, util_1.initializeEnvironment)("1.2.3");
Add packs and queries from input
2022-06-19 16:44:24 -07:00
stubConfig = {
languages: [languages_1.Language.cpp],
queries: {},
pathsIgnore: [],
paths: [],
originalUserInput: {},
tempDir: "",
codeQLCmd: "",
gitHubVersion: {
type: util.GitHubVariant.DOTCOM,
},
dbLocation: "",
packs: {},
debugMode: false,
debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: {
injectedMlQueries: false,
packsInputCombines: false,
queriesInputCombines: false,
},
Merge branch 'main' into aeisenberg/fix-config-files
2022-08-10 15:39:35 -07:00
trapCaches: {},
Add telemetry for TRAP caching
2022-08-15 14:44:43 +01:00
trapCacheDownloadTime: 0,
Add packs and queries from input
2022-06-19 16:44:24 -07:00
};
Send the version and mode with the user agent
2021-05-20 15:20:32 -07:00
});
Add JSDoc for mockDownloadApi
2023-01-11 15:25:21 +00:00
/**
* Mocks the API for downloading the bundle tagged `tagName`.
*
* @returns the download URL for the bundle. This can be passed to the tools parameter of
* `codeql.setupCodeQL`.
*/
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, tagName, }) {
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
const platform = process.platform === "win32"
? "win64"
: process.platform === "linux"
? "linux64"
: "osx64";
Upgrade TypeScript to 9.2.0
2023-01-18 20:00:33 +00:00
const baseUrl = apiDetails?.url ?? "https://example.com";
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
const relativeUrl = apiDetails
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
? `/github/codeql-action/releases/download/${tagName}/codeql-bundle-${platform}.tar.gz`
: `/download/${tagName}/codeql-bundle.tar.gz`;
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
(0, nock_1.default)(baseUrl)
.get(relativeUrl)
Move CodeQL setup to its own file
2023-01-09 14:53:52 +00:00
.replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle${isPinned ? "-pinned" : ""}.tar.gz`));
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
return `${baseUrl}${relativeUrl}`;
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
}
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
async function installIntoToolcache({ apiDetails = sampleApiDetails, cliVersion, isPinned, tagName, tmpDir, }) {
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
const url = mockDownloadApi({ apiDetails, isPinned, tagName });
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
await codeql.setupCodeQL(cliVersion !== undefined ? undefined : url, apiDetails, tmpDir, util.GitHubVariant.GHES, false, cliVersion !== undefined
? { cliVersion, tagName, variant: util.GitHubVariant.GHES }
: SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
}
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
function mockReleaseApi({ apiDetails = sampleApiDetails, assetNames, tagName, }) {
return (0, nock_1.default)(apiDetails.apiURL)
.get(`/repos/github/codeql-action/releases/tags/${tagName}`)
.reply(200, {
assets: assetNames.map((name) => ({
name,
})),
tag_name: tagName,
});
}
function mockApiDetails(apiDetails) {
// This is a workaround to mock `api.getApiDetails()` since it doesn't seem to be possible to
// mock this directly. The difficulty is that `getApiDetails()` is called locally in
// `api-client.ts`, but `sinon.stub(api, "getApiDetails")` only affects calls to
// `getApiDetails()` via an imported `api` module.
sinon
.stub(actionsUtil, "getRequiredInput")
.withArgs("token")
.returns(apiDetails.auth);
const requiredEnvParamStub = sinon.stub(util, "getRequiredEnvParam");
requiredEnvParamStub.withArgs("GITHUB_SERVER_URL").returns(apiDetails.url);
requiredEnvParamStub
.withArgs("GITHUB_API_URL")
.returns(apiDetails.apiURL || "");
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
}
(0, ava_1.default)("downloads and caches explicitly requested bundles that aren't in the toolcache", async (t) => {
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
await util.withTmpDir(async (tmpDir) => {
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
Running lint-fix
2020-09-14 10:44:43 +01:00
const versions = ["20200601", "20200610"];
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
for (let i = 0; i < versions.length; i++) {
const version = versions[i];
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
const url = mockDownloadApi({
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
tagName: `codeql-bundle-${version}`,
isPinned: false,
});
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
Running lint-fix
2020-09-14 10:44:43 +01:00
t.assert(toolcache.find("CodeQL", `0.0.0-${version}`));
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
t.is(result.toolsVersion, `0.0.0-${version}`);
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Download);
Ensure that tools_download_duration_ms is int (#1513)
2023-01-27 01:03:57 -08:00
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
}
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
t.is(toolcache.findAllVersions("CodeQL").length, 2);
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
});
});
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
(0, ava_1.default)("downloads an explicitly requested bundle even if a different version is cached", async (t) => {
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
await util.withTmpDir(async (tmpDir) => {
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
await installIntoToolcache({
tagName: "codeql-bundle-20200601",
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
isPinned: true,
tmpDir,
});
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
const url = mockDownloadApi({
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
tagName: "codeql-bundle-20200610",
Correctly report CodeQL version when using cache (#1259)
2022-10-05 09:16:42 -07:00
});
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
t.deepEqual(result.toolsVersion, "0.0.0-20200610");
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Download);
Ensure that tools_download_duration_ms is int (#1513)
2023-01-27 01:03:57 -08:00
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
});
});
Support cli-version-x.y.z-pre.txt marker files
2023-01-18 15:55:23 +00:00
const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
{
cliVersion: "2.10.0",
expectedToolcacheVersion: "2.10.0-20200610",
},
{
cliVersion: "2.10.0-pre",
expectedToolcacheVersion: "0.0.0-20200610",
},
Add test case
2023-01-20 15:30:57 +00:00
{
cliVersion: "2.10.0+202006100101",
expectedToolcacheVersion: "0.0.0-20200610",
},
Support cli-version-x.y.z-pre.txt marker files
2023-01-18 15:55:23 +00:00
];
for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
(0, ava_1.default)(`caches an explicitly requested bundle containing CLI ${cliVersion} as ${expectedToolcacheVersion}`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
mockApiDetails(sampleApiDetails);
sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
const releaseApiMock = mockReleaseApi({
assetNames: [`cli-version-${cliVersion}.txt`],
tagName: "codeql-bundle-20200610",
});
const url = mockDownloadApi({
tagName: "codeql-bundle-20200610",
});
const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
t.assert(releaseApiMock.isDone(), "Releases API should have been called");
t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
t.deepEqual(result.toolsVersion, cliVersion);
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Download);
Ensure that tools_download_duration_ms is int (#1513)
2023-01-27 01:03:57 -08:00
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
});
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
});
Support cli-version-x.y.z-pre.txt marker files
2023-01-18 15:55:23 +00:00
}
Add failing regression test
2023-01-26 11:16:13 +00:00
for (const { githubReleases, toolcacheVersion } of [
// Test that we use the tools from the toolcache when `SAMPLE_DEFAULT_CLI_VERSION` is requested
// and `SAMPLE_DEFAULT_CLI_VERSION-` is in the toolcache.
Allow using a x.y.z-yyyymmdd toolcache version for CLI x.y.z.
2023-01-12 15:39:26 +00:00
{
Add failing regression test
2023-01-26 11:16:13 +00:00
toolcacheVersion: SAMPLE_DEFAULT_CLI_VERSION.cliVersion,
Allow using a x.y.z-yyyymmdd toolcache version for CLI x.y.z.
2023-01-12 15:39:26 +00:00
},
{
Add failing regression test
2023-01-26 11:16:13 +00:00
githubReleases: {
"codeql-bundle-20230101": `cli-version-${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}.txt`,
},
toolcacheVersion: "0.0.0-20230101",
Allow using a x.y.z-yyyymmdd toolcache version for CLI x.y.z.
2023-01-12 15:39:26 +00:00
},
{
Add failing regression test
2023-01-26 11:16:13 +00:00
toolcacheVersion: `${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`,
Allow using a x.y.z-yyyymmdd toolcache version for CLI x.y.z.
2023-01-12 15:39:26 +00:00
},
]) {
Add failing regression test
2023-01-26 11:16:13 +00:00
(0, ava_1.default)(`uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.cliVersion} is requested and ` +
`${toolcacheVersion} is installed`, async (t) => {
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
Add failing regression test
2023-01-26 11:16:13 +00:00
sinon
.stub(toolcache, "find")
.withArgs("CodeQL", toolcacheVersion)
.returns("path/to/cached/codeql");
sinon.stub(toolcache, "findAllVersions").returns([toolcacheVersion]);
if (githubReleases) {
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
sinon.stub(api, "getApiClient").value(() => ({
repos: {
listReleases: sinon.stub().resolves(undefined),
},
Add failing regression test
2023-01-26 11:16:13 +00:00
paginate: sinon.stub().resolves(Object.entries(githubReleases).map(([releaseTagName, cliVersionMarkerFile]) => ({
assets: [
{
name: cliVersionMarkerFile,
},
],
tag_name: releaseTagName,
}))),
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
}));
}
const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
t.is(result.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion);
Add failing regression test
2023-01-26 11:16:13 +00:00
t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
t.is(result.toolsDownloadDurationMs, undefined);
Correctly report CodeQL version when using cache (#1259)
2022-10-05 09:16:42 -07:00
});
Add test for using default version with no requested URL on Dotcom
2023-01-10 13:37:46 +00:00
});
}
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
for (const variant of [util.GitHubVariant.GHAE, util.GitHubVariant.GHES]) {
(0, ava_1.default)(`uses a cached bundle when no tools input is given on ${util.GitHubVariant[variant]}`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
await installIntoToolcache({
tagName: "codeql-bundle-20200601",
isPinned: true,
tmpDir,
});
const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, false, {
cliVersion: defaults.cliVersion,
tagName: defaults.bundleVersion,
variant,
}, (0, logging_1.getRunnerLogger)(true), false);
t.deepEqual(result.toolsVersion, "0.0.0-20200601");
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
t.is(result.toolsDownloadDurationMs, undefined);
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const cachedVersions = toolcache.findAllVersions("CodeQL");
t.is(cachedVersions.length, 1);
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
});
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
});
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
(0, ava_1.default)(`downloads bundle if only an unpinned version is cached on ${util.GitHubVariant[variant]}`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
await installIntoToolcache({
tagName: "codeql-bundle-20200601",
isPinned: false,
tmpDir,
});
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
mockDownloadApi({
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
tagName: defaults.bundleVersion,
});
const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, false, {
cliVersion: defaults.cliVersion,
tagName: defaults.bundleVersion,
variant,
}, (0, logging_1.getRunnerLogger)(true), false);
t.deepEqual(result.toolsVersion, defaults.cliVersion);
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Download);
Ensure that tools_download_duration_ms is int (#1513)
2023-01-27 01:03:57 -08:00
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const cachedVersions = toolcache.findAllVersions("CodeQL");
t.is(cachedVersions.length, 2);
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
});
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
});
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
}
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
(0, ava_1.default)('downloads bundle if "latest" tools specified but not cached', async (t) => {
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
await util.withTmpDir(async (tmpDir) => {
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
await installIntoToolcache({
tagName: "codeql-bundle-20200601",
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
isPinned: true,
tmpDir,
});
Cache explicitly requested bundles with their URL if possible
2023-01-12 20:44:05 +00:00
mockDownloadApi({
Improve CodeQL setup test structure and naming
2023-01-09 18:18:52 +00:00
tagName: defaults.bundleVersion,
Improve readability of CodeQL bundle tests
2022-08-16 15:38:55 +01:00
});
Use new default version to set up CodeQL
2023-01-10 13:16:22 +00:00
const result = await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
t.deepEqual(result.toolsVersion, defaults.cliVersion);
Send tools telemetry to init status report (#1497)
2023-01-25 11:09:18 -08:00
t.is(result.toolsSource, init_1.ToolsSource.Download);
Ensure that tools_download_duration_ms is int (#1513)
2023-01-27 01:03:57 -08:00
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
Allowing a cached version of the CodeQL bundle sometimes
2020-09-22 14:38:27 +01:00
const cachedVersions = toolcache.findAllVersions("CodeQL");
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
t.is(cachedVersions.length, 2);
});
});
Add regression test for a bundle URL without a tag
2023-02-03 19:11:40 +00:00
for (const isBundleVersionInUrl of [true, false]) {
const inclusionString = isBundleVersionInUrl
? "includes"
: "does not include";
(0, ava_1.default)(`download codeql bundle from github ae endpoint (URL ${inclusionString} bundle version)`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
const bundleAssetID = 10;
const platform = process.platform === "win32"
? "win64"
: process.platform === "linux"
? "linux64"
: "osx64";
const codeQLBundleName = `codeql-bundle-${platform}.tar.gz`;
const eventualDownloadUrl = isBundleVersionInUrl
? `https://example.githubenterprise.com/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`
: `https://example.githubenterprise.com/api/v3/repos/github/codeql-action/releases/assets/${bundleAssetID}`;
(0, nock_1.default)("https://example.githubenterprise.com")
.get(`/api/v3/enterprise/code-scanning/codeql-bundle/find/${defaults.bundleVersion}`)
.reply(200, {
assets: { [codeQLBundleName]: bundleAssetID },
});
(0, nock_1.default)("https://example.githubenterprise.com")
.get(`/api/v3/enterprise/code-scanning/codeql-bundle/download/${bundleAssetID}`)
.reply(200, {
url: eventualDownloadUrl,
});
(0, nock_1.default)("https://example.githubenterprise.com")
.get(eventualDownloadUrl.replace("https://example.githubenterprise.com", ""))
.replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
mockApiDetails(sampleGHAEApiDetails);
sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
process.env["GITHUB_ACTION_REPOSITORY"] = "github/codeql-action";
const result = await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, false, {
cliVersion: defaults.cliVersion,
tagName: defaults.bundleVersion,
variant: util.GitHubVariant.GHAE,
}, (0, logging_1.getRunnerLogger)(true), false);
t.is(result.toolsSource, init_1.ToolsSource.Download);
t.assert(Number.isInteger(result.toolsDownloadDurationMs));
const cachedVersions = toolcache.findAllVersions("CodeQL");
t.is(cachedVersions.length, 1);
When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first.
2021-03-07 09:27:19 +00:00
});
});
Add regression test for a bundle URL without a tag
2023-02-03 19:11:40 +00:00
}
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, ava_1.default)("getExtraOptions works for explicit paths", (t) => {
Running lint-fix
2020-09-14 10:44:43 +01:00
t.deepEqual(codeql.getExtraOptions({}, ["foo"], []), []);
t.deepEqual(codeql.getExtraOptions({ foo: [42] }, ["foo"], []), ["42"]);
t.deepEqual(codeql.getExtraOptions({ foo: { bar: [42] } }, ["foo", "bar"], []), ["42"]);
build typescript
2020-08-10 09:25:14 +02:00
});
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, ava_1.default)("getExtraOptions works for wildcards", (t) => {
Running lint-fix
2020-09-14 10:44:43 +01:00
t.deepEqual(codeql.getExtraOptions({ "*": [42] }, ["foo"], []), ["42"]);
build typescript
2020-08-10 09:25:14 +02:00
});
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, ava_1.default)("getExtraOptions works for wildcards and explicit paths", (t) => {
Running lint-fix
2020-09-14 10:44:43 +01:00
const o1 = { "*": [42], foo: [87] };
t.deepEqual(codeql.getExtraOptions(o1, ["foo"], []), ["42", "87"]);
const o2 = { "*": [42], foo: [87] };
t.deepEqual(codeql.getExtraOptions(o2, ["foo", "bar"], []), ["42"]);
const o3 = { "*": [42], foo: { "*": [87], bar: [99] } };
const p = ["foo", "bar"];
t.deepEqual(codeql.getExtraOptions(o3, p, []), ["42", "87", "99"]);
build typescript
2020-08-10 09:25:14 +02:00
});
Fix compile errors introduced by typescript 4.4.2
2021-09-10 13:53:13 -07:00
(0, ava_1.default)("getExtraOptions throws for bad content", (t) => {
Running lint-fix
2020-09-14 10:44:43 +01:00
t.throws(() => codeql.getExtraOptions({ "*": 42 }, ["foo"], []));
t.throws(() => codeql.getExtraOptions({ foo: 87 }, ["foo"], []));
t.throws(() => codeql.getExtraOptions({ "*": [42], foo: { "*": 87, bar: [99] } }, ["foo", "bar"], []));
build typescript
2020-08-10 09:25:14 +02:00
});
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
(0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be absent, but it is present");
});
(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be present, but it is absent");
});
Add packs and queries from input
2022-06-19 16:44:24 -07:00
(0, ava_1.default)("databaseInitCluster() without injected codescanning config", async (t) => {
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const thisStubConfig = {
...stubConfig,
tempDir,
augmentationProperties: {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
},
};
Remove runner-only input to databaseInitCluster
2022-11-14 18:49:17 +00:00
await codeqlObject.databaseInitCluster(thisStubConfig, "", undefined, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const args = runnerConstructorStub.firstCall.args[1];
// should NOT have used an config file
const configArg = args.find((arg) => arg.startsWith("--codescanning-config="));
t.falsy(configArg, "Should have injected a codescanning config");
});
});
// Test macro for ensuring different variants of injected augmented configurations
const injectedConfigMacro = ava_1.default.macro({
exec: async (t, augmentationProperties, configOverride, expectedConfig) => {
Refactor handling of feature flags
2022-10-05 15:54:07 -07:00
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
.resolves(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion);
Refactor handling of feature flags
2022-10-05 15:54:07 -07:00
const thisStubConfig = {
...stubConfig,
...configOverride,
tempDir,
augmentationProperties,
};
Remove runner-only input to databaseInitCluster
2022-11-14 18:49:17 +00:00
await codeqlObject.databaseInitCluster(thisStubConfig, "", undefined, (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.CliConfigFileEnabled]), (0, logging_1.getRunnerLogger)(true));
Refactor handling of feature flags
2022-10-05 15:54:07 -07:00
const args = runnerConstructorStub.firstCall.args[1];
// should have used an config file
const configArg = args.find((arg) => arg.startsWith("--codescanning-config="));
t.truthy(configArg, "Should have injected a codescanning config");
const configFile = configArg.split("=")[1];
const augmentedConfig = yaml.load(fs.readFileSync(configFile, "utf8"));
t.deepEqual(augmentedConfig, expectedConfig);
await (0, del_1.default)(configFile, { force: true });
});
Add packs and queries from input
2022-06-19 16:44:24 -07:00
},
title: (providedTitle = "") => `databaseInitCluster() injected config: ${providedTitle}`,
});
(0, ava_1.default)("basic", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
}, {}, {});
(0, ava_1.default)("injected ML queries", injectedConfigMacro, {
injectedMlQueries: true,
queriesInputCombines: false,
packsInputCombines: false,
}, {}, {
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
packs: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
Add packs and queries from input
2022-06-19 16:44:24 -07:00
});
(0, ava_1.default)("injected ML queries with existing packs", injectedConfigMacro, {
injectedMlQueries: true,
queriesInputCombines: false,
packsInputCombines: false,
}, {
originalUserInput: {
packs: { javascript: ["codeql/something-else"] },
},
}, {
packs: {
javascript: [
"codeql/something-else",
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
"codeql/javascript-experimental-atm-queries@~0.4.0",
Add packs and queries from input
2022-06-19 16:44:24 -07:00
],
},
});
(0, ava_1.default)("injected ML queries with existing packs of different language", injectedConfigMacro, {
injectedMlQueries: true,
queriesInputCombines: false,
packsInputCombines: false,
}, {
originalUserInput: {
packs: { cpp: ["codeql/something-else"] },
},
}, {
packs: {
cpp: ["codeql/something-else"],
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
javascript: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
Add packs and queries from input
2022-06-19 16:44:24 -07:00
},
});
(0, ava_1.default)("injected packs from input", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
packsInput: ["xxx", "yyy"],
}, {}, {
packs: ["xxx", "yyy"],
});
(0, ava_1.default)("injected packs from input with existing packs combines", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: true,
packsInput: ["xxx", "yyy"],
}, {
originalUserInput: {
packs: {
cpp: ["codeql/something-else"],
},
},
}, {
packs: {
cpp: ["codeql/something-else", "xxx", "yyy"],
},
});
(0, ava_1.default)("injected packs from input with existing packs overrides", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
packsInput: ["xxx", "yyy"],
}, {
originalUserInput: {
packs: {
cpp: ["codeql/something-else"],
},
},
}, {
packs: ["xxx", "yyy"],
});
(0, ava_1.default)("injected packs from input with existing packs overrides and ML model inject", injectedConfigMacro, {
injectedMlQueries: true,
queriesInputCombines: false,
packsInputCombines: false,
packsInput: ["xxx", "yyy"],
}, {
originalUserInput: {
packs: {
cpp: ["codeql/something-else"],
},
},
}, {
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.4.0"],
Add packs and queries from input
2022-06-19 16:44:24 -07:00
});
// similar, but with queries
(0, ava_1.default)("injected queries from input", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
}, {}, {
queries: [
{
uses: "xxx",
},
{
uses: "yyy",
},
],
});
(0, ava_1.default)("injected queries from input overrides", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: false,
packsInputCombines: false,
queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
}, {
originalUserInput: {
queries: [{ uses: "zzz" }],
},
}, {
queries: [
{
uses: "xxx",
},
{
uses: "yyy",
},
],
});
(0, ava_1.default)("injected queries from input combines", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: true,
packsInputCombines: false,
queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
}, {
originalUserInput: {
queries: [{ uses: "zzz" }],
},
}, {
queries: [
{
uses: "zzz",
},
{
uses: "xxx",
},
{
uses: "yyy",
},
],
});
(0, ava_1.default)("injected queries from input combines 2", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: true,
packsInputCombines: true,
queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
}, {}, {
queries: [
{
uses: "xxx",
},
{
uses: "yyy",
},
],
});
(0, ava_1.default)("injected queries and packs, but empty", injectedConfigMacro, {
injectedMlQueries: false,
queriesInputCombines: true,
packsInputCombines: true,
queriesInput: [],
packsInput: [],
}, {
originalUserInput: {
packs: [],
queries: [],
},
}, {});
Bypass toolcache when feature flag enabled
2022-08-16 13:58:59 +01:00
(0, ava_1.default)("does not use injected config", async (t) => {
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const origCODEQL_PASS_CONFIG_TO_CLI = process.env.CODEQL_PASS_CONFIG_TO_CLI;
process.env["CODEQL_PASS_CONFIG_TO_CLI"] = "false";
try {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
Send the external repository token to the CLI
2023-01-05 17:34:59 -08:00
.resolves(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion);
Remove runner-only input to databaseInitCluster
2022-11-14 18:49:17 +00:00
await codeqlObject.databaseInitCluster(stubConfig, "", undefined, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
Add packs and queries from input
2022-06-19 16:44:24 -07:00
const args = runnerConstructorStub.firstCall.args[1];
// should have used an config file
const configArg = args.find((arg) => arg.startsWith("--codescanning-config="));
t.falsy(configArg, "Should NOT have injected a codescanning config");
}
finally {
process.env["CODEQL_PASS_CONFIG_TO_CLI"] = origCODEQL_PASS_CONFIG_TO_CLI;
}
});
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-baseline-file-info for 2.11.3", async (t) => {
Forward file baseline information enablement to CLI
2022-10-26 16:14:02 +01:00
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
sinon.stub(codeqlObject, "getVersion").resolves("2.11.3");
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
Forward file baseline information enablement to CLI
2022-10-26 16:14:02 +01:00
t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info should be present, but it is absent");
});
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
(0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-baseline-file-info for 2.11.2", async (t) => {
Forward file baseline information enablement to CLI
2022-10-26 16:14:02 +01:00
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
sinon.stub(codeqlObject, "getVersion").resolves("2.11.2");
Surface fatal CLI errors in interpret-results and run-queries (#1407)
2022-12-02 14:05:21 +01:00
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
Enable file baseline export by default
2022-12-05 14:10:06 +00:00
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
Forward file baseline information enablement to CLI
2022-10-26 16:14:02 +01:00
t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info must be absent, but it is present");
});
Include custom query help in analysis results
2021-11-03 13:19:01 -07:00
function stubToolRunnerConstructor() {
const runnerObjectStub = sinon.createStubInstance(toolrunner.ToolRunner);
runnerObjectStub.exec.resolves(0);
const runnerConstructorStub = sinon.stub(toolrunner, "ToolRunner");
runnerConstructorStub.returns(runnerObjectStub);
return runnerConstructorStub;
}
Implement unit tests for reading the Lua tracer FF in analyze-action.
2022-06-27 16:01:48 +00:00
exports.stubToolRunnerConstructor = stubToolRunnerConstructor;
Introduce wrapper around codeql
2020-06-26 17:22:19 +01:00
//# sourceMappingURL=codeql.test.js.map
Reference in New Issue Copy Permalink