From 6ce923c3755eec7fa70ed17e25058e9e1adafb3f Mon Sep 17 00:00:00 2001 From: Robert Date: Fri, 6 Jan 2023 15:00:24 +0000 Subject: [PATCH 1/8] Use a stream when uploading database contents --- lib/database-upload.js | 5 +++-- lib/database-upload.js.map | 2 +- src/database-upload.ts | 7 +++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/database-upload.js b/lib/database-upload.js index 3f51505b29..1da6e434f4 100644 --- a/lib/database-upload.js +++ b/lib/database-upload.js @@ -48,17 +48,18 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) { // Although we are uploading arbitrary file contents to the API, it's worth // noting that it's the API's job to validate that the contents is acceptable. // This API method is available to anyone with write access to the repo. - const payload = fs.readFileSync(await (0, util_1.bundleDb)(config, language, codeql, language)); + const bundledDb = await (0, util_1.bundleDb)(config, language, codeql, language); try { await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, language, name: `${language}-database`, - data: payload, + data: fs.createReadStream(bundledDb), headers: { authorization: `token ${apiDetails.auth}`, "Content-Type": "application/zip", + "Content-Length": fs.statSync(bundledDb).size, }, }); logger.debug(`Successfully uploaded database for ${language}`); diff --git a/lib/database-upload.js.map b/lib/database-upload.js.map index 8d8834b31d..b2363a1e2b 100644 --- a/lib/database-upload.js.map +++ b/lib/database-upload.js.map @@ -1 +1 @@ -{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAC7B,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CACnD,CAAC;QACF,IAAI;YACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;iBAClC;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAxDD,0CAwDC"} \ No newline at end of file +{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;QACrE,IAAI;YACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC;gBACpC,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;oBACjC,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI;iBAC9C;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAvDD,0CAuDC"} \ No newline at end of file diff --git a/src/database-upload.ts b/src/database-upload.ts index 16e41ae372..4e13fdafb1 100644 --- a/src/database-upload.ts +++ b/src/database-upload.ts @@ -40,9 +40,7 @@ export async function uploadDatabases( // Although we are uploading arbitrary file contents to the API, it's worth // noting that it's the API's job to validate that the contents is acceptable. // This API method is available to anyone with write access to the repo. - const payload = fs.readFileSync( - await bundleDb(config, language, codeql, language) - ); + const bundledDb = await bundleDb(config, language, codeql, language); try { await client.request( `POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, @@ -51,10 +49,11 @@ export async function uploadDatabases( repo: repositoryNwo.repo, language, name: `${language}-database`, - data: payload, + data: fs.createReadStream(bundledDb), headers: { authorization: `token ${apiDetails.auth}`, "Content-Type": "application/zip", + "Content-Length": fs.statSync(bundledDb).size, }, } ); From e8f7169839dc1f67e8c054ca34d570ff5bda0a4d Mon Sep 17 00:00:00 2001 From: Robert Date: Fri, 6 Jan 2023 15:28:25 +0000 Subject: [PATCH 2/8] Move database bundling to inside the try-catch --- lib/database-upload.js | 10 +++++----- lib/database-upload.js.map | 2 +- src/database-upload.ts | 11 ++++++----- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/lib/database-upload.js b/lib/database-upload.js index 1da6e434f4..64595d573c 100644 --- a/lib/database-upload.js +++ b/lib/database-upload.js @@ -44,12 +44,12 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) { const client = (0, api_client_1.getApiClient)(); const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd); for (const language of config.languages) { - // Upload the database bundle. - // Although we are uploading arbitrary file contents to the API, it's worth - // noting that it's the API's job to validate that the contents is acceptable. - // This API method is available to anyone with write access to the repo. - const bundledDb = await (0, util_1.bundleDb)(config, language, codeql, language); try { + // Upload the database bundle. + // Although we are uploading arbitrary file contents to the API, it's worth + // noting that it's the API's job to validate that the contents is acceptable. + // This API method is available to anyone with write access to the repo. + const bundledDb = await (0, util_1.bundleDb)(config, language, codeql, language); await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, diff --git a/lib/database-upload.js.map b/lib/database-upload.js.map index b2363a1e2b..876a5e1f84 100644 --- a/lib/database-upload.js.map +++ b/lib/database-upload.js.map @@ -1 +1 @@ -{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;QACrE,IAAI;YACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC;gBACpC,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;oBACjC,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI;iBAC9C;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAvDD,0CAuDC"} \ No newline at end of file +{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAErE,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC;gBACpC,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;oBACjC,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI;iBAC9C;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAxDD,0CAwDC"} \ No newline at end of file diff --git a/src/database-upload.ts b/src/database-upload.ts index 4e13fdafb1..a09b7c2d30 100644 --- a/src/database-upload.ts +++ b/src/database-upload.ts @@ -36,12 +36,13 @@ export async function uploadDatabases( const codeql = await getCodeQL(config.codeQLCmd); for (const language of config.languages) { - // Upload the database bundle. - // Although we are uploading arbitrary file contents to the API, it's worth - // noting that it's the API's job to validate that the contents is acceptable. - // This API method is available to anyone with write access to the repo. - const bundledDb = await bundleDb(config, language, codeql, language); try { + // Upload the database bundle. + // Although we are uploading arbitrary file contents to the API, it's worth + // noting that it's the API's job to validate that the contents is acceptable. + // This API method is available to anyone with write access to the repo. + const bundledDb = await bundleDb(config, language, codeql, language); + await client.request( `POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, { From 4e5a06f00986c38b1b1d2c81cf62541750641d8a Mon Sep 17 00:00:00 2001 From: Dave Bartolomeo Date: Fri, 6 Jan 2023 10:55:46 -0500 Subject: [PATCH 3/8] Update to CoideQL bundle 20230105 (2.12.0) --- lib/defaults.json | 2 +- src/defaults.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/defaults.json b/lib/defaults.json index 0a136317fe..d3ef761f03 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20221211" + "bundleVersion": "codeql-bundle-20230105" } diff --git a/src/defaults.json b/src/defaults.json index 076e795576..9a7f545bf8 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20221211" + "bundleVersion": "codeql-bundle-20230105" } From bfbb7ab03c233a731a5e08f992449ce5343d5b9a Mon Sep 17 00:00:00 2001 From: Dave Bartolomeo Date: Fri, 6 Jan 2023 11:00:35 -0500 Subject: [PATCH 4/8] Add change note for bundle update --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 637400cb43..719d686f4c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to 2.12.0. [#1466](https://github.com/github/codeql-action/pull/1466) ## 2.1.37 - 14 Dec 2022 From f9c9a2567cd6d9f523ff6c821a55496322b27044 Mon Sep 17 00:00:00 2001 From: Dave Bartolomeo Date: Fri, 6 Jan 2023 12:32:23 -0500 Subject: [PATCH 5/8] Rebuild --- lib/defaults.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/defaults.json b/lib/defaults.json index 4144751346..75ebf1cdc5 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-20230105", - "cliVersion": "2.12.0", - "priorBundleVersion": "codeql-bundle-20221211", - "priorCliVersion": "2.11.6" + "bundleVersion": "codeql-bundle-20230105", + "cliVersion": "2.12.0", + "priorBundleVersion": "codeql-bundle-20221211", + "priorCliVersion": "2.11.6" } From a9337bc30429495a2ec91d261963b834b2626a0d Mon Sep 17 00:00:00 2001 From: Robert Date: Mon, 9 Jan 2023 11:00:43 +0000 Subject: [PATCH 6/8] Close stream after use --- lib/database-upload.js | 33 +++++++++++++++++++------------- lib/database-upload.js.map | 2 +- src/database-upload.ts | 39 +++++++++++++++++++++----------------- 3 files changed, 43 insertions(+), 31 deletions(-) diff --git a/lib/database-upload.js b/lib/database-upload.js index 64595d573c..610998cd40 100644 --- a/lib/database-upload.js +++ b/lib/database-upload.js @@ -50,19 +50,26 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) { // noting that it's the API's job to validate that the contents is acceptable. // This API method is available to anyone with write access to the repo. const bundledDb = await (0, util_1.bundleDb)(config, language, codeql, language); - await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, { - owner: repositoryNwo.owner, - repo: repositoryNwo.repo, - language, - name: `${language}-database`, - data: fs.createReadStream(bundledDb), - headers: { - authorization: `token ${apiDetails.auth}`, - "Content-Type": "application/zip", - "Content-Length": fs.statSync(bundledDb).size, - }, - }); - logger.debug(`Successfully uploaded database for ${language}`); + const bundledDbSize = fs.statSync(bundledDb).size; + const bundledDbReadStream = fs.createReadStream(bundledDb); + try { + await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, { + owner: repositoryNwo.owner, + repo: repositoryNwo.repo, + language, + name: `${language}-database`, + data: bundledDbReadStream, + headers: { + authorization: `token ${apiDetails.auth}`, + "Content-Type": "application/zip", + "Content-Length": bundledDbSize, + }, + }); + logger.debug(`Successfully uploaded database for ${language}`); + } + finally { + bundledDbReadStream.close(); + } } catch (e) { console.log(e); diff --git a/lib/database-upload.js.map b/lib/database-upload.js.map index 876a5e1f84..92068722b0 100644 --- a/lib/database-upload.js.map +++ b/lib/database-upload.js.map @@ -1 +1 @@ -{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAErE,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC;gBACpC,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;oBACjC,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI;iBAC9C;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAxDD,0CAwDC"} \ No newline at end of file +{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YACrE,MAAM,aAAa,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;YAClD,MAAM,mBAAmB,GAAG,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAC3D,IAAI;gBACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;oBACE,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;oBAC5B,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE;wBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;wBACzC,cAAc,EAAE,iBAAiB;wBACjC,gBAAgB,EAAE,aAAa;qBAChC;iBACF,CACF,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;aAChE;oBAAS;gBACR,mBAAmB,CAAC,KAAK,EAAE,CAAC;aAC7B;SACF;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AA7DD,0CA6DC"} \ No newline at end of file diff --git a/src/database-upload.ts b/src/database-upload.ts index a09b7c2d30..1886baa529 100644 --- a/src/database-upload.ts +++ b/src/database-upload.ts @@ -42,23 +42,28 @@ export async function uploadDatabases( // noting that it's the API's job to validate that the contents is acceptable. // This API method is available to anyone with write access to the repo. const bundledDb = await bundleDb(config, language, codeql, language); - - await client.request( - `POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, - { - owner: repositoryNwo.owner, - repo: repositoryNwo.repo, - language, - name: `${language}-database`, - data: fs.createReadStream(bundledDb), - headers: { - authorization: `token ${apiDetails.auth}`, - "Content-Type": "application/zip", - "Content-Length": fs.statSync(bundledDb).size, - }, - } - ); - logger.debug(`Successfully uploaded database for ${language}`); + const bundledDbSize = fs.statSync(bundledDb).size; + const bundledDbReadStream = fs.createReadStream(bundledDb); + try { + await client.request( + `POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, + { + owner: repositoryNwo.owner, + repo: repositoryNwo.repo, + language, + name: `${language}-database`, + data: bundledDbReadStream, + headers: { + authorization: `token ${apiDetails.auth}`, + "Content-Type": "application/zip", + "Content-Length": bundledDbSize, + }, + } + ); + logger.debug(`Successfully uploaded database for ${language}`); + } finally { + bundledDbReadStream.close(); + } } catch (e) { console.log(e); // Log a warning but don't fail the workflow From 620a2672045f830c41b76fb5ec0efed86dcba107 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Tue, 10 Jan 2023 17:31:35 +0000 Subject: [PATCH 7/8] Temporarily disable Kotlin analysis in PR checks Kotlin analysis is incompatible with Kotlin 1.8.0, which is now rolling out to the Actions runner images. While we work on a more permanent fix to our PR checks, this will prevent us losing other test coverage. --- .github/workflows/__analyze-ref-input.yml | 1 + .github/workflows/__autobuild-action.yml | 1 + .github/workflows/__export-file-baseline-information.yml | 1 + .github/workflows/__extractor-ram-threads.yml | 1 + .github/workflows/__go-custom-queries.yml | 1 + .github/workflows/__go-tracing-autobuilder.yml | 1 + .github/workflows/__go-tracing-custom-build-steps.yml | 1 + .github/workflows/__go-tracing-legacy-workflow.yml | 1 + .github/workflows/__init-with-registries.yml | 1 + .github/workflows/__javascript-source-root.yml | 1 + .github/workflows/__ml-powered-queries.yml | 1 + .github/workflows/__multi-language-autodetect.yml | 1 + .../workflows/__packaging-codescanning-config-inputs-js.yml | 1 + .github/workflows/__packaging-config-inputs-js.yml | 1 + .github/workflows/__packaging-config-js.yml | 1 + .github/workflows/__packaging-inputs-js.yml | 1 + .github/workflows/__remote-config.yml | 1 + .github/workflows/__rubocop-multi-language.yml | 1 + .github/workflows/__ruby.yml | 1 + .github/workflows/__split-workflow.yml | 1 + .github/workflows/__submit-sarif-failure.yml | 1 + .github/workflows/__swift-autobuild.yml | 1 + .github/workflows/__swift-custom-build.yml | 1 + .github/workflows/__test-autobuild-working-dir.yml | 1 + .github/workflows/__test-local-codeql.yml | 1 + .github/workflows/__test-proxy.yml | 1 + .github/workflows/__unset-environment.yml | 1 + .github/workflows/__upload-ref-sha-input.yml | 1 + .github/workflows/__with-checkout-path.yml | 1 + .github/workflows/debug-artifacts-failure.yml | 3 +++ .github/workflows/debug-artifacts.yml | 3 +++ pr-checks/sync.py | 3 +++ 32 files changed, 38 insertions(+) diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index 1c27da3fc5..0fc55f2970 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -7,6 +7,7 @@ name: "PR Check - Analyze: 'ref' and 'sha' from inputs" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__autobuild-action.yml b/.github/workflows/__autobuild-action.yml index 807df26c47..eeed7f3dca 100644 --- a/.github/workflows/__autobuild-action.yml +++ b/.github/workflows/__autobuild-action.yml @@ -7,6 +7,7 @@ name: PR Check - autobuild-action env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__export-file-baseline-information.yml b/.github/workflows/__export-file-baseline-information.yml index e8bb8ad7c0..01b0c3e224 100644 --- a/.github/workflows/__export-file-baseline-information.yml +++ b/.github/workflows/__export-file-baseline-information.yml @@ -7,6 +7,7 @@ name: PR Check - Export file baseline information env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__extractor-ram-threads.yml b/.github/workflows/__extractor-ram-threads.yml index 8a3ca5a28a..2fa4dd308d 100644 --- a/.github/workflows/__extractor-ram-threads.yml +++ b/.github/workflows/__extractor-ram-threads.yml @@ -7,6 +7,7 @@ name: PR Check - Extractor ram and threads options test env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__go-custom-queries.yml b/.github/workflows/__go-custom-queries.yml index ebbdf5239d..d785779eb0 100644 --- a/.github/workflows/__go-custom-queries.yml +++ b/.github/workflows/__go-custom-queries.yml @@ -7,6 +7,7 @@ name: 'PR Check - Go: Custom queries' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__go-tracing-autobuilder.yml b/.github/workflows/__go-tracing-autobuilder.yml index a491c478d8..b85cd6fadd 100644 --- a/.github/workflows/__go-tracing-autobuilder.yml +++ b/.github/workflows/__go-tracing-autobuilder.yml @@ -7,6 +7,7 @@ name: 'PR Check - Go: tracing with autobuilder step' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__go-tracing-custom-build-steps.yml b/.github/workflows/__go-tracing-custom-build-steps.yml index b6e8055bbb..f89d77ca75 100644 --- a/.github/workflows/__go-tracing-custom-build-steps.yml +++ b/.github/workflows/__go-tracing-custom-build-steps.yml @@ -7,6 +7,7 @@ name: 'PR Check - Go: tracing with custom build steps' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__go-tracing-legacy-workflow.yml b/.github/workflows/__go-tracing-legacy-workflow.yml index e06ea36d73..2cc72c05ba 100644 --- a/.github/workflows/__go-tracing-legacy-workflow.yml +++ b/.github/workflows/__go-tracing-legacy-workflow.yml @@ -7,6 +7,7 @@ name: 'PR Check - Go: tracing with legacy workflow' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__init-with-registries.yml b/.github/workflows/__init-with-registries.yml index 958fca7dee..cd0a1da52f 100644 --- a/.github/workflows/__init-with-registries.yml +++ b/.github/workflows/__init-with-registries.yml @@ -7,6 +7,7 @@ name: 'PR Check - Packaging: Download using registries' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__javascript-source-root.yml b/.github/workflows/__javascript-source-root.yml index c32a27cbea..9b54794c3b 100644 --- a/.github/workflows/__javascript-source-root.yml +++ b/.github/workflows/__javascript-source-root.yml @@ -7,6 +7,7 @@ name: PR Check - Custom source root env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__ml-powered-queries.yml b/.github/workflows/__ml-powered-queries.yml index 4b6367ee6c..848de5f94a 100644 --- a/.github/workflows/__ml-powered-queries.yml +++ b/.github/workflows/__ml-powered-queries.yml @@ -7,6 +7,7 @@ name: PR Check - ML-powered queries env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index 9a7adcb7d9..9b3cff5d50 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -7,6 +7,7 @@ name: PR Check - Multi-language repository env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__packaging-codescanning-config-inputs-js.yml b/.github/workflows/__packaging-codescanning-config-inputs-js.yml index d3657a2025..744ced18c3 100644 --- a/.github/workflows/__packaging-codescanning-config-inputs-js.yml +++ b/.github/workflows/__packaging-codescanning-config-inputs-js.yml @@ -7,6 +7,7 @@ name: 'PR Check - Packaging: Config and input passed to the CLI' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__packaging-config-inputs-js.yml b/.github/workflows/__packaging-config-inputs-js.yml index f35e2a9af7..dc4221656a 100644 --- a/.github/workflows/__packaging-config-inputs-js.yml +++ b/.github/workflows/__packaging-config-inputs-js.yml @@ -7,6 +7,7 @@ name: 'PR Check - Packaging: Config and input' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__packaging-config-js.yml b/.github/workflows/__packaging-config-js.yml index 7751c8f137..47b1ecc738 100644 --- a/.github/workflows/__packaging-config-js.yml +++ b/.github/workflows/__packaging-config-js.yml @@ -7,6 +7,7 @@ name: 'PR Check - Packaging: Config file' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__packaging-inputs-js.yml b/.github/workflows/__packaging-inputs-js.yml index 77be551100..a9bbac0759 100644 --- a/.github/workflows/__packaging-inputs-js.yml +++ b/.github/workflows/__packaging-inputs-js.yml @@ -7,6 +7,7 @@ name: 'PR Check - Packaging: Action input' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__remote-config.yml b/.github/workflows/__remote-config.yml index 30c9348e22..a6c5a4ec51 100644 --- a/.github/workflows/__remote-config.yml +++ b/.github/workflows/__remote-config.yml @@ -7,6 +7,7 @@ name: PR Check - Remote config file env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__rubocop-multi-language.yml b/.github/workflows/__rubocop-multi-language.yml index c240aabb73..b06628b49d 100644 --- a/.github/workflows/__rubocop-multi-language.yml +++ b/.github/workflows/__rubocop-multi-language.yml @@ -7,6 +7,7 @@ name: PR Check - RuboCop multi-language env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__ruby.yml b/.github/workflows/__ruby.yml index 9a3a9f7ebf..b74e93ff44 100644 --- a/.github/workflows/__ruby.yml +++ b/.github/workflows/__ruby.yml @@ -7,6 +7,7 @@ name: PR Check - Ruby analysis env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__split-workflow.yml b/.github/workflows/__split-workflow.yml index d2d45353b9..01e2a98381 100644 --- a/.github/workflows/__split-workflow.yml +++ b/.github/workflows/__split-workflow.yml @@ -7,6 +7,7 @@ name: PR Check - Split workflow env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__submit-sarif-failure.yml b/.github/workflows/__submit-sarif-failure.yml index 992f85c8b8..67d79c5c95 100644 --- a/.github/workflows/__submit-sarif-failure.yml +++ b/.github/workflows/__submit-sarif-failure.yml @@ -7,6 +7,7 @@ name: PR Check - Submit SARIF after failure env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__swift-autobuild.yml b/.github/workflows/__swift-autobuild.yml index 678a1498a4..63c19736ad 100644 --- a/.github/workflows/__swift-autobuild.yml +++ b/.github/workflows/__swift-autobuild.yml @@ -7,6 +7,7 @@ name: PR Check - Swift analysis using autobuild env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__swift-custom-build.yml b/.github/workflows/__swift-custom-build.yml index d5ebde1be1..df78cd86be 100644 --- a/.github/workflows/__swift-custom-build.yml +++ b/.github/workflows/__swift-custom-build.yml @@ -7,6 +7,7 @@ name: PR Check - Swift analysis using a custom build command env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__test-autobuild-working-dir.yml b/.github/workflows/__test-autobuild-working-dir.yml index 0ab8a2b7a9..a3721e6132 100644 --- a/.github/workflows/__test-autobuild-working-dir.yml +++ b/.github/workflows/__test-autobuild-working-dir.yml @@ -7,6 +7,7 @@ name: PR Check - Autobuild working directory env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__test-local-codeql.yml b/.github/workflows/__test-local-codeql.yml index 54354b4ebd..fe83965094 100644 --- a/.github/workflows/__test-local-codeql.yml +++ b/.github/workflows/__test-local-codeql.yml @@ -7,6 +7,7 @@ name: PR Check - Local CodeQL bundle env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__test-proxy.yml b/.github/workflows/__test-proxy.yml index 1551a18a9b..95327eddf7 100644 --- a/.github/workflows/__test-proxy.yml +++ b/.github/workflows/__test-proxy.yml @@ -7,6 +7,7 @@ name: PR Check - Proxy test env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index dfdf0a01c6..cd3287fbe8 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -7,6 +7,7 @@ name: PR Check - Test unsetting environment variables env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index a488455b4e..47a1865f8f 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -7,6 +7,7 @@ name: "PR Check - Upload-sarif: 'ref' and 'sha' from inputs" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index dd63cb05df..4ea0a1bdbc 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -7,6 +7,7 @@ name: PR Check - Use a custom `checkout_path` env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true' on: push: branches: diff --git a/.github/workflows/debug-artifacts-failure.yml b/.github/workflows/debug-artifacts-failure.yml index 9afb2b30ef..8fc0102e61 100644 --- a/.github/workflows/debug-artifacts-failure.yml +++ b/.github/workflows/debug-artifacts-failure.yml @@ -2,6 +2,9 @@ # when the analyze step fails. name: PR Check - Debug artifacts after failure env: + # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a + # workaround for our PR checks. + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} on: push: diff --git a/.github/workflows/debug-artifacts.yml b/.github/workflows/debug-artifacts.yml index 99cc887fed..836d7cad44 100644 --- a/.github/workflows/debug-artifacts.yml +++ b/.github/workflows/debug-artifacts.yml @@ -1,6 +1,9 @@ # Checks logs, SARIF, and database bundle debug artifacts exist. name: PR Check - Debug artifact upload env: + # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a + # workaround for our PR checks. + CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} on: push: diff --git a/pr-checks/sync.py b/pr-checks/sync.py index b38c7c535f..74dd8c854c 100644 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -126,6 +126,9 @@ def writeHeader(checkStream): 'env': { 'GITHUB_TOKEN': '${{ secrets.GITHUB_TOKEN }}', 'GO111MODULE': 'auto', + # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a + # workaround for our PR checks. + 'CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN': 'true', }, 'on': { 'push': { From 80b12d6f73228fe6796bf71d3fbce2438ff135f4 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Tue, 10 Jan 2023 17:42:24 +0000 Subject: [PATCH 8/8] Ensure we don't unset `CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN` --- .github/workflows/__unset-environment.yml | 5 ++++- pr-checks/checks/unset-environment.yml | 4 +++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index cd3287fbe8..a499842291 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -60,7 +60,10 @@ jobs: tools: ${{ steps.prepare-test.outputs.tools-url }} - name: Build code shell: bash - run: env -i PATH="$PATH" HOME="$HOME" ./build.sh + # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a + # workaround for our PR checks. + run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME" + ./build.sh - uses: ./../action/analyze id: analysis - shell: bash diff --git a/pr-checks/checks/unset-environment.yml b/pr-checks/checks/unset-environment.yml index 777bc40424..6e36c07863 100644 --- a/pr-checks/checks/unset-environment.yml +++ b/pr-checks/checks/unset-environment.yml @@ -8,7 +8,9 @@ steps: tools: ${{ steps.prepare-test.outputs.tools-url }} - name: Build code shell: bash - run: env -i PATH="$PATH" HOME="$HOME" ./build.sh + # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a + # workaround for our PR checks. + run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME" ./build.sh - uses: ./../action/analyze id: analysis - shell: bash