Skip to content

Refactor CodeQL setup #1462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
henrymercer merged 2 commits into from
Jan 6, 2023
Merged

Refactor CodeQL setup #1462

henrymercer merged 2 commits into from
Jan 6, 2023

Conversation

@henrymercer
Copy link
Contributor

@henrymercer henrymercer commented Jan 5, 2023

This PR refactors how the Action sets up the CodeQL tools. The aim is to make the code more readable and to set the stage for improving how we roll out new CodeQL versions.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@henrymercer henrymercer requested a review from a team as a code owner January 5, 2023 19:11
angelapwen
angelapwen previously approved these changes Jan 5, 2023
View reviewed changes
Copy link
Contributor

@angelapwen angelapwen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this!!!! It's so much clearer now. And, I learned that we have AssertNever now

aeisenberg
aeisenberg reviewed Jan 5, 2023
View reviewed changes
src/codeql.ts
variant: util.GitHubVariant,
logger: Logger
): Promise<CodeQLToolsSource> {
if (toolsInput && toolsInput !== "latest" && !toolsInput.startsWith("http")) {
Copy link
Contributor

@aeisenberg aeisenberg Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor:

Suggested change
if (toolsInput && toolsInput !== "latest" && !toolsInput.startsWith("http")) {
if (toolsInput !== "latest" && !toolsInput?.startsWith("http")) {

Copy link
Contributor Author

@henrymercer henrymercer Jan 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that would start accepting toolsInput === undefined, which we don't want here.

src/codeql.ts Outdated
logger.debug("Downloading CodeQL bundle with token.");
headers.authorization = `token ${apiDetails.auth}`;
} else {
logger.debug("Downloading CodeQL bundle without token.");
Copy link
Contributor

@aeisenberg aeisenberg Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case, the URL may still have a token search param, Should we explicitly remove it?

Copy link
Contributor

@aeisenberg aeisenberg Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this was always here, so maybe not a problem?

Copy link
Contributor Author

@henrymercer henrymercer Jan 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"without adding token" would be more accurate — the goal here is to log that we aren't using the token input to init here.

@henrymercer henrymercer merged commit cf1437a into main Jan 6, 2023
@henrymercer henrymercer deleted the henrymercer/refactor-codeql-setup branch January 6, 2023 17:36
This was referenced Jan 12, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aeisenberg aeisenberg aeisenberg approved these changes

@angelapwen angelapwen Awaiting requested review from angelapwen

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@henrymercer @aeisenberg @angelapwen