Skip to content

Commit 0f4529e

Browse files
henrymercerhenrymercer
committed
Enable requesting latest nightly with "tools: nightly"
1 parent 573acd9 commit 0f4529e

6 files changed

Lines changed: 173 additions & 5 deletions

File tree

lib/analyze-action.js

Lines changed: 26 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/init-action-post.js

Lines changed: 26 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/init-action.js

Lines changed: 26 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/upload-lib.js

Lines changed: 26 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/upload-sarif-action.js

Lines changed: 26 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/setup-codeql.ts

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,8 +33,11 @@ export enum ToolsSource {
3333
}
3434

3535
export const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
36+
const CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
37+
const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
3638

3739
const CODEQL_BUNDLE_VERSION_ALIAS: string[] = ["linked", "latest"];
40+
const CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
3841

3942
function getCodeQLBundleExtension(
4043
compressionMethod: tar.CompressionMethod,
@@ -277,6 +280,7 @@ export async function getCodeQLSource(
277280
if (
278281
toolsInput &&
279282
!CODEQL_BUNDLE_VERSION_ALIAS.includes(toolsInput) &&
283+
!CODEQL_NIGHTLY_TOOLS_INPUTS.includes(toolsInput) &&
280284
!toolsInput.startsWith("http")
281285
) {
282286
logger.info(`Using CodeQL CLI from local path ${toolsInput}`);
@@ -331,6 +335,13 @@ export async function getCodeQLSource(
331335
*/
332336
let url: string | undefined;
333337

338+
if (
339+
toolsInput !== undefined &&
340+
CODEQL_NIGHTLY_TOOLS_INPUTS.includes(toolsInput)
341+
) {
342+
toolsInput = await getNightlyToolsUrl(logger);
343+
}
344+
334345
if (forceShippedTools) {
335346
cliVersion = defaults.cliVersion;
336347
tagName = defaults.bundleVersion;
@@ -771,3 +782,35 @@ async function useZstdBundle(
771782
function getTempExtractionDir(tempDir: string) {
772783
return path.join(tempDir, uuidV4());
773784
}
785+
786+
/**
787+
* Get the URL of the latest nightly CodeQL bundle.
788+
*/
789+
async function getNightlyToolsUrl(logger: Logger) {
790+
const zstdAvailability = await tar.isZstdAvailable(logger);
791+
// The nightly is guaranteed to have a zstd bundle
792+
const compressionMethod = (await useZstdBundle(
793+
CODEQL_VERSION_ZSTD_BUNDLE,
794+
zstdAvailability.available,
795+
))
796+
? "zstd"
797+
: "gzip";
798+
799+
// Since nightlies are prereleases, we can't just download the latest release
800+
// on the repository. So instead we need to find the latest pre-release
801+
// version and construct the download URL from that.
802+
const release = await api.getApiClient().rest.repos.listReleases({
803+
owner: CODEQL_NIGHTLIES_REPOSITORY_OWNER,
804+
repo: CODEQL_NIGHTLIES_REPOSITORY_NAME,
805+
per_page: 1,
806+
page: 1,
807+
prerelease: true,
808+
});
809+
810+
const latestRelease = release.data[0];
811+
if (!latestRelease) {
812+
throw new Error("Could not find latest nightly release.");
813+
}
814+
815+
return `https://github.com/${CODEQL_NIGHTLIES_REPOSITORY_OWNER}/${CODEQL_NIGHTLIES_REPOSITORY_NAME}/releases/download/${latestRelease.tag_name}/${getCodeQLBundleName(compressionMethod)}`;
816+
}

0 commit comments

Comments
 (0)