diff --git a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml index e23c736..db691f1 100644 --- a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml +++ b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml @@ -66,13 +66,12 @@ jobs: with: languages: ${{ matrix.language }} queries: security-extended - source-root: integration-tests/cpp/src/ # Path containing the example application tools: ${{ env.QLT_CODEQL_BUNDLE_PATH }} - name: Autobuild uses: github/codeql-action/autobuild@v2 with: - working-directory: integration-tests/cpp/src/ # Path containing the example application + working-directory: example/integration-tests/cpp/src/ # Path containing the example application - name: Perform CodeQL Analysis id: analysis @@ -105,4 +104,4 @@ jobs: shell: bash run: | # Compare the expected vs the actual - qlt bundle run validate-integration-tests --expected integration-tests/cpp/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/cpp.sarif \ No newline at end of file + qlt bundle run validate-integration-tests --expected example/integration-tests/cpp/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/cpp.sarif \ No newline at end of file diff --git a/.github/workflows/internal-validate-workflow-files.yml b/.github/workflows/internal-validate-workflow-files.yml index 8cfbfad..46ee9d1 100644 --- a/.github/workflows/internal-validate-workflow-files.yml +++ b/.github/workflows/internal-validate-workflow-files.yml @@ -47,6 +47,15 @@ jobs: exit 1 fi + - name: Generate Workflow Files (Bundle Feature) + shell: bash + run: | + if ! qlt bundle init --use-runner ubuntu-latest --language cpp --automation-type actions --development --overwrite-existing ; then + echo "Failed to generate bundle workflow files." + exit 1 + fi + + - name: Check Git Clean Status shell: bash run: | 
diff --git a/.github/workflows/run-bundle-integration-tests-cpp.yml b/.github/workflows/run-bundle-integration-tests-cpp.yml
new file mode 100644
index 0000000..f1c66ab
--- /dev/null
+++ b/.github/workflows/run-bundle-integration-tests-cpp.yml
@@ -0,0 +1,123 @@ +name: ⚙️ Integration Test Bundle (cpp) + +on: + push: + branches: + - '**' + pull_request: + branches: + - '**' + workflow_dispatch: + +jobs: + integration-test: + name: Run Bundle Integration Test + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: [ 'cpp' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt-local + with: + qlt-version: 'latest' + add-to-path: true + + + - name: Validate QLT Installation + shell: bash + run: | + echo -e "Checking QLT Version:" + echo "QLT Home: ${{ steps.install-qlt.outputs.qlt-home }}" + qlt version + + + - name: Create Bundle (compiled) + shell: bash + run: | + if ! qlt codeql run install --custom-bundle --base example/ ; then + echo "Failed to generate bundle." + exit 1 + fi + + # ensure bundle runs + + if ! qlt query run install-packs --use-bundle --base example/ ; then + echo "Failed to install query packs with tool." 
+ exit 1 + fi + + + - name: Validate Bundle Existence + shell: bash + run: | + echo "Checking Bundle Existence" + ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ + + - name: Upload Bundle Used + uses: actions/upload-artifact@v2 + with: + name: codeql-bundle.tar.gz + path: | + ${{ env.QLT_CODEQL_BUNDLE_PATH }} + if-no-files-found: error + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + tools: ${{ env.QLT_CODEQL_BUNDLE_PATH }} + + + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + with: + working-directory: example/integration-tests/${{ matrix.language }}/src/ # Path containing the example application + + + + - name: Perform CodeQL Analysis + id: analysis + uses: github/codeql-action/analyze@v2 + + - name: Validate SARIF Location + shell: bash + run: | + # validate we have the actual sarif results + echo "Checking SARIF file location at: ${{ steps.analysis.outputs.sarif-output }}" + ls -l ${{ steps.analysis.outputs.sarif-output }} + + - name: Upload SARIF Results + uses: actions/upload-artifact@v2 + with: + name: actual.sarif + path: | + ${{ steps.analysis.outputs.sarif-output }}/*.sarif + if-no-files-found: error + + - name: Validate SARIF Existence + shell: bash + run: | + ls -l ${{ steps.analysis.outputs.sarif-output }}/*.sarif + + + + + - name: Validate SARIF Results + shell: bash + run: | + # Compare the expected vs the actual + qlt bundle run validate-integration-tests --expected example/integration-tests/${{ matrix.language }}/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/${{ matrix.language }}.sarif + diff --git a/integration-tests/cpp/expected.sarif b/example/integration-tests/cpp/expected.sarif similarity index 100% rename from integration-tests/cpp/expected.sarif rename to example/integration-tests/cpp/expected.sarif 
diff --git a/integration-tests/cpp/src/Makefile b/example/integration-tests/cpp/src/Makefile similarity index 100% rename from integration-tests/cpp/src/Makefile rename to example/integration-tests/cpp/src/Makefile diff --git a/integration-tests/cpp/src/main.c b/example/integration-tests/cpp/src/main.c similarity index 100% rename from integration-tests/cpp/src/main.c rename to example/integration-tests/cpp/src/main.c diff --git a/example/qlt.conf.json b/example/qlt.conf.json index 0071334..9beeefd 100644 --- a/example/qlt.conf.json +++ b/example/qlt.conf.json @@ -4,14 +4,15 @@ "CodeQLCLIBundle": "codeql-bundle-v2.15.5", "EnableCustomCodeQLBundles": true, "CodeQLStandardLibraryIdent": "codeql-cli_v2.15.5", - "CustomizationPacks" : [ + "CodeQLPackConfiguration" : [ { "Name": "qlt/cpp-customizations", - "Export" : true + "Bundle" : true }, { "Name": "qlt2/stuff2-tests", - "Export" : false + "Bundle" : false, + "ReferencesBundle" : true } ] } \ No newline at end of file diff --git a/src/CodeQLToolkit.Core/Properties/launchSettings.json b/src/CodeQLToolkit.Core/Properties/launchSettings.json index 58a6cf3..9be4b41 100644 --- a/src/CodeQLToolkit.Core/Properties/launchSettings.json +++ b/src/CodeQLToolkit.Core/Properties/launchSettings.json @@ -2,7 +2,7 @@ "profiles": { "CodeQLToolkit.Core": { "commandName": "Project", - "commandLineArgs": "--base C:\\Projects\\codeql-development-lifecycle-toolkit\\example bundle set enable-custom-bundles" + "commandLineArgs": "bundle init --use-runner ubuntu-latest --language cpp --automation-type actions --development --overwrite-existing" } } } \ No newline at end of file diff --git a/src/CodeQLToolkit.Core/ver.txt b/src/CodeQLToolkit.Core/ver.txt index 927734f..95dfee2 100644 --- a/src/CodeQLToolkit.Core/ver.txt +++ b/src/CodeQLToolkit.Core/ver.txt @@ -1 +1 @@ -0.0.17 \ No newline at end of file +0.0.23 \ No newline at end of file 
diff --git a/src/CodeQLToolkit.Features/Bundle/Lifecycle/BaseLifecycleTarget.cs b/src/CodeQLToolkit.Features/Bundle/Lifecycle/BaseLifecycleTarget.cs index 04b4b17..b5e8f44 100644 --- a/src/CodeQLToolkit.Features/Bundle/Lifecycle/BaseLifecycleTarget.cs +++ b/src/CodeQLToolkit.Features/Bundle/Lifecycle/BaseLifecycleTarget.cs @@ -8,12 +8,7 @@ namespace CodeQLToolkit.Features.Bundle.Lifecycle { abstract public class BaseLifecycleTarget : ILifecycleTarget { - public int NumThreads { get; set; } public string UseRunner { get; set; } - public string ExtraArgs { get; set; } - - - } } diff --git a/src/CodeQLToolkit.Features/Bundle/Lifecycle/BundleLifecycleFeature.cs b/src/CodeQLToolkit.Features/Bundle/Lifecycle/BundleLifecycleFeature.cs index 9e12242..e8234cb 100644 --- a/src/CodeQLToolkit.Features/Bundle/Lifecycle/BundleLifecycleFeature.cs +++ b/src/CodeQLToolkit.Features/Bundle/Lifecycle/BundleLifecycleFeature.cs @@ -1,10 +1,6 @@ -using CodeQLToolkit.Features.CodeQL.Lifecycle.Targets; -using CodeQLToolkit.Features.CodeQL.Lifecycle; -using CodeQLToolkit.Features.Test.Lifecycle.Targets; -using CodeQLToolkit.Features.Test.Lifecycle.Targets.Actions; +using CodeQLToolkit.Features.CodeQL.Lifecycle; using CodeQLToolkit.Shared.Utils; using System.CommandLine; -using System.Reflection; using CodeQLToolkit.Features.Bundle.Lifecycle.Targets; namespace CodeQLToolkit.Features.Bundle.Lifecycle 
@@ -32,7 +28,18 @@ public override LanguageType[] SupportedLangauges public void Register(Command parentCommand) { - //Log.G().LogInformation("Registering lifecycle submodule."); + Log.G().LogInformation("Registering lifecycle submodule."); + + var initCommand = new Command("init", "Initialize bundle creation and integration testing features."); + var overwriteExistingOption = new Option("--overwrite-existing", () => false, "Overwrite exiting files (if they exist)."); + var useRunnerOption = new Option("--use-runner", () => "ubuntu-latest", "The runner(s) to use. Should be a comma-seperated list of actions runners."); + var languageOption = new Option("--language", $"The language to generate automation for.") { IsRequired = true }.FromAmong(SupportedLangauges.Select(x => x.ToOptionString()).ToArray()); + + initCommand.AddOption(overwriteExistingOption); + initCommand.AddOption(useRunnerOption); + initCommand.AddOption(languageOption); + + parentCommand.Add(initCommand); var setCommand = new Command("set", "Functions pertaining to setting variables related to custom CodeQL bundles."); //parentCommand.Add(setCommand); 
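Review bot: Two of the new option descriptions carry typos that will appear in `--help` output: `Overwrite exiting files (if they exist).` should read `Overwrite existing files (if they exist).`, and `comma-seperated` should be `comma-separated`. Register's body starts and ends outside this hunk.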
@@ -90,6 +97,27 @@ public void Register(Command parentCommand) } + initCommand.SetHandler((devMode, basePath, automationType, overwriteExisting, useRunner, language) => + { + Log.G().LogInformation("Executing init command..."); + + // + // dispatch at runtime to the correct automation type + // + var featureTarget = AutomationFeatureFinder.FindTargetForAutomationType(AutomationTypeHelper.AutomationTypeFromString(automationType)); + + // setup common params + featureTarget.FeatureName = FeatureName; + featureTarget.Base = basePath; + featureTarget.OverwriteExisting = overwriteExisting; + featureTarget.UseRunner = useRunner; + featureTarget.Language = language; + featureTarget.DevMode = devMode; + featureTarget.Run(); + + }, Globals.Development, Globals.BasePathOption, Globals.AutomationTypeOption, overwriteExistingOption, useRunnerOption, languageOption); + + } public int Run() diff --git a/src/CodeQLToolkit.Features/Bundle/Lifecycle/Targets/Actions/InitLifecycleTarget.cs b/src/CodeQLToolkit.Features/Bundle/Lifecycle/Targets/Actions/InitLifecycleTarget.cs new file mode 100644 index 0000000..969c4d0 --- /dev/null +++ b/src/CodeQLToolkit.Features/Bundle/Lifecycle/Targets/Actions/InitLifecycleTarget.cs 
@@ -0,0 +1,50 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace CodeQLToolkit.Features.Bundle.Lifecycle.Targets.Actions +{ + [AutomationType(AutomationType.ACTIONS)] + public class InitLifecycleTarget : BaseLifecycleTarget + { + + public InitLifecycleTarget() + { + AutomationType = AutomationType.ACTIONS; + } + + public override void Run() + { + Log.G().LogInformation("Running init command..."); + + // temporarily disable the language resolution + var tmpLanguage = Language; + Language = null; + + WriteTemplateIfOverwriteOrNotExists("install-qlt", Path.Combine(Base, ".github", "actions", "install-qlt", "action.yml"), "install-qlt action"); + WriteTemplateIfOverwriteOrNotExists("run-bundle-integration-tests", Path.Combine(Base, ".github", "workflows", $"run-bundle-integration-tests-{tmpLanguage}.yml"), $"Run CodeQL Unit Tests ({Language})", new + { + useRunner = UseRunner, + language = tmpLanguage, + devMode = DevMode, + }); + + Language = tmpLanguage; + + var message = @"------------------------------------------ +Your repository now has the Bundle Creation and Integration Test Runner installed in `.github/workflows/`. Additionally, +QLT has installed necessary actions for keeping your version of QLT and CodeQL current in `.github/actions/install-qlt`. + +Note that for integration testing to work, you MUST create a directory `integration-test` in the root of your repository. Please +consult the QLT documentation for details on how to structure this directory. + +In addition to using QLT to generate your files you can also directly edit this file to fine tune its settings. + +(Hint: If you'd like to regenerate your files, you can use the `--overwrite-existing` option to overwrite the files that are in place now.)"; + + Log.G().LogInformation(message); + } + } +} 
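Review bot: The description argument `$"Run CodeQL Unit Tests ({Language})"` is evaluated after `Language = null`, so it renders with empty parentheses, and its wording is carried over from the unit-test feature; `$"Run Bundle Integration Tests ({tmpLanguage})"` would describe what is actually written. The closing message tells users to create a directory named `integration-test`, but the workflow template added in this commit reads `integration-tests/<language>/src/` and `integration-tests/<language>/expected.sarif`, so following the message leaves the generated workflow failing. The save-and-restore of `Language` around the two writes deserves a comment saying which resolution it suppresses, and a `try`/`finally` so that an exception in a write does not leave it null.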
diff --git a/src/CodeQLToolkit.Features/CodeQL/Commands/Targets/InstallCommand.cs b/src/CodeQLToolkit.Features/CodeQL/Commands/Targets/InstallCommand.cs index 8de989a..d90ddcc 100644 --- a/src/CodeQLToolkit.Features/CodeQL/Commands/Targets/InstallCommand.cs +++ b/src/CodeQLToolkit.Features/CodeQL/Commands/Targets/InstallCommand.cs @@ -27,9 +27,10 @@ public override void Run() if (Packs!=null && Packs.Length > 0) { Log.G().LogInformation($"Overriding Packs on the command line. The following Packs will be packaged:"); - installation.CustomizationPacks = Packs.Select(p => new QLTCustomizationPack() + installation.CodeQLPackConfiguration = Packs.Select(p => new CodeQLPackConfiguration() { - Name = p + Name = p, + Bundle = true }).ToArray(); } else diff --git a/src/CodeQLToolkit.Features/CodeQLToolkit.Features.csproj b/src/CodeQLToolkit.Features/CodeQLToolkit.Features.csproj index df18b6d..ed75ed1 100644 --- a/src/CodeQLToolkit.Features/CodeQLToolkit.Features.csproj +++ b/src/CodeQLToolkit.Features/CodeQLToolkit.Features.csproj @@ -11,7 +11,6 @@ - @@ -22,6 +21,12 @@ + + Always + + + Always + Always diff --git a/src/CodeQLToolkit.Features/Query/Commands/Targets/InstallQueryPacksCommandTarget.cs b/src/CodeQLToolkit.Features/Query/Commands/Targets/InstallQueryPacksCommandTarget.cs index f9aa111..b38d2bc 100644 --- a/src/CodeQLToolkit.Features/Query/Commands/Targets/InstallQueryPacksCommandTarget.cs +++ b/src/CodeQLToolkit.Features/Query/Commands/Targets/InstallQueryPacksCommandTarget.cs @@ -41,7 +41,7 @@ public override void Run() Log.G().LogInformation("In bundle mode so filtering bundled packs..."); - foreach (var pack in config.CustomizationPacks) + foreach (var pack in config.CodeQLPackConfiguration) { Log.G().LogInformation($"Pack {pack.Name} will NOT installed because it is part of the bundle..."); } 
@@ -49,7 +49,7 @@ public override void Run() files = files.Where(f => // all things that are part of the customization pack must be excluded. // if it is exported is not relevant here. - !config.CustomizationPacks.Any(p => CodeQLPackReader.read(f).Name == p.Name) + !config.CodeQLPackConfiguration.Any(p => CodeQLPackReader.read(f).Name == p.Name && (p.Bundle==true || p.ReferencesBundle==true)) ).ToArray(); Log.G().LogInformation($"Got {files.Length} packs after filtering..."); diff --git a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/install-qlt.liquid b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/install-qlt.liquid new file mode 100644 index 0000000..cb53a5c --- /dev/null +++ b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/install-qlt.liquid 
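Review bot: The filter now excludes a configured pack only when `Bundle` or `ReferencesBundle` is set, but the comment two lines above it still says the flag is not relevant here, and the loop in the previous hunk of this file still logs `will NOT installed because it is part of the bundle` for every configured pack. Update the comment and restrict that loop with the same condition, e.g. `foreach (var pack in config.CodeQLPackConfiguration.Where(p => p.Bundle || p.ReferencesBundle))`, so the log matches what is skipped. `CodeQLPackReader.read(f)` is also called once per configured pack inside `Any`; reading the pack name once per file before the `Any` avoids the repeated calls. Run's body continues outside the hunk.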
@@ -0,0 +1,82 @@ +name: Fetch and Install QLT +description: | + Fetches and installs QLT. +inputs: + qlt-version: + description: | + The version of QLT to be downloaded. + required: false + default: 'latest' + + add-to-path: + description: | + Add QLT to the system path + required: false + default: 'true' + +outputs: + qlt-home: + description: 'The directory containing the QLT installation' + value: ${{ steps.install-qlt.outputs.qlt-home }} + +runs: + using: composite + steps: + - name: Install QLT + id: install-qlt + env: + RUNNER_OS: ${{ runner.os }} + RUNNER_TEMP: ${{ runner.temp }} + ADD_TO_PATH: ${{ inputs.add-to-path }} + QLT_VERSION: ${{ inputs.qlt-version }} + QLT_HOME: ${{ inputs.qlt-home }} + GITHUB_TOKEN: ${{ github.token }} + + shell: bash + run: | + echo -e "\e[0;32m[QLT]\e[0m Determining QLT release for $RUNNER_OS" + case $RUNNER_OS in + "Linux") + RELEASE_PATTERN="qlt-linux-x86_64.zip" + ;; + *) + echo "::error::Unsupported runner operating system $RUNNER_OS" + exit 1 + ;; + esac + echo -e "\e[0;32m[QLT]\e[0m Selected $RELEASE_PATTERN" + + if [ "$QLT_HOME" == "" ] + then + echo -e "\e[0;32m[QLT]\e[0m Creating temporary QLT home" + QLT_HOME=$(mktemp -d -p $RUNNER_TEMP qlt-home-XXXXXXXXXX) + else + echo -e "\e[0;32m[QLT]\e[0m Creating CodeQL home at $QLT_HOME" + mkdir -p $QLT_HOME + fi + + echo -e "\e[0;32m[QLT]\e[0m Changing directory to $QLT_HOME" + pushd $QLT_HOME + + echo -e "\e[0;32m[QLT]\e[0m Downloading QLT version $QLT_VERSION" + if [ "$QLT_VERSION" == "latest" ] + then + # download the actual bundle + gh release download -R advanced-security/codeql-development-toolkit --pattern "$RELEASE_PATTERN" + else + gh release download "$QLT_VERSION" -R advanced-security/codeql-development-toolkit --pattern "$RELEASE_PATTERN" + fi + echo -e "\e[0;32m[QLT]\e[0m Unpacking QLT" + unzip $RELEASE_PATTERN + + if [ "$ADD_TO_PATH" == "true" ] + then + echo -e "\e[0;32m[QLT]\e[0m Adding QLT '$(pwd)/qlt' to system path" + echo "$(pwd)" >> $GITHUB_PATH + fi + + 
echo -e "\e[0;32m[QLT]\e[0m Setting output parameter qlt-home to $(pwd)" + echo "qlt-home=$(pwd)" >> $GITHUB_OUTPUT + + popd + echo -e "\e[0;32m[QLT]\e[0m Done." diff --git a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid new file mode 100644 index 0000000..780cf2d --- /dev/null +++ b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid 
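Review bot: The downloaded archive is unzipped and its directory appended to `$GITHUB_PATH` with no integrity check, and the default `qlt-version: 'latest'` means each run executes whatever the newest release contains. Consider accepting an expected digest as an input and checking it before `unzip`, e.g. `echo "$QLT_SHA256  $RELEASE_PATTERN" | sha256sum -c -` (`QLT_SHA256` is a name made up for this note), and having generated workflows default to a fixed release tag. `QLT_HOME: ${{ inputs.qlt-home }}` reads an input that is not declared under `inputs:`, so the branch that creates a caller-chosen home looks unreachable; declare `qlt-home` or drop the branch. Expansions such as `mkdir -p $QLT_HOME`, `pushd $QLT_HOME`, `unzip $RELEASE_PATTERN` and `>> $GITHUB_PATH` should be double-quoted.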
@@ -0,0 +1,161 @@ +name: ⚙️ Integration Test Bundle ({{language}}) + +on: + push: + branches: + - '**' + pull_request: + branches: + - '**' + workflow_dispatch: + +jobs: + integration-test: + name: Run Bundle Integration Test + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: [ 'cpp' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + +{% if dev_mode %} + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt-local + with: + qlt-version: 'latest' + add-to-path: true +{% else %} + - name: Install QLT + id: install-qlt + uses: ./.github/actions/install-qlt + with: + qlt-version: 'latest' + add-to-path: true +{% endif %} +{% raw %} + - name: Validate QLT Installation + shell: bash + run: | + echo -e "Checking QLT Version:" + echo "QLT Home: ${{ steps.install-qlt.outputs.qlt-home }}" + qlt version +{% endraw %} +{% if dev_mode %} + - name: Create Bundle (compiled) + shell: bash + run: | + if ! qlt codeql run install --custom-bundle --base example/ ; then + echo "Failed to generate bundle." + exit 1 + fi + + # ensure bundle runs + + if ! qlt query run install-packs --use-bundle --base example/ ; then + echo "Failed to install query packs with tool." + exit 1 + fi +{% else %} + - name: Create Bundle (compiled) + shell: bash + run: | + if ! qlt codeql run install --custom-bundle ; then + echo "Failed to generate bundle." + exit 1 + fi + + # ensure bundle runs + + if ! qlt query run install-packs --use-bundle ; then + echo "Failed to install query packs with tool." 
+ exit 1 + fi +{% endif %} +{% raw %} + - name: Validate Bundle Existence + shell: bash + run: | + echo "Checking Bundle Existence" + ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ + + - name: Upload Bundle Used + uses: actions/upload-artifact@v2 + with: + name: codeql-bundle.tar.gz + path: | + ${{ env.QLT_CODEQL_BUNDLE_PATH }} + if-no-files-found: error + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + tools: ${{ env.QLT_CODEQL_BUNDLE_PATH }} +{% endraw %} +{% if dev_mode %} +{% raw %} + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + with: + working-directory: example/integration-tests/${{ matrix.language }}/src/ # Path containing the example application +{% endraw %} +{% else %} +{% raw %} + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + with: + working-directory: integration-tests/${{ matrix.language }}/src/ # Path containing the example application +{% endraw %} +{% endif %} +{% raw %} + - name: Perform CodeQL Analysis + id: analysis + uses: github/codeql-action/analyze@v2 + + - name: Validate SARIF Location + shell: bash + run: | + # validate we have the actual sarif results + echo "Checking SARIF file location at: ${{ steps.analysis.outputs.sarif-output }}" + ls -l ${{ steps.analysis.outputs.sarif-output }} + + - name: Upload SARIF Results + uses: actions/upload-artifact@v2 + with: + name: actual.sarif + path: | + ${{ steps.analysis.outputs.sarif-output }}/*.sarif + if-no-files-found: error + + - name: Validate SARIF Existence + shell: bash + run: | + ls -l ${{ steps.analysis.outputs.sarif-output }}/*.sarif +{% endraw %} + +{% if dev_mode %} +{% raw %} + - name: Validate SARIF Results + shell: bash + run: | + # Compare the expected vs the actual + qlt bundle run validate-integration-tests --expected example/integration-tests/${{ matrix.language }}/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/${{ matrix.language }}.sarif +{% endraw %} +{% else %} +{% 
raw %} + - name: Validate SARIF Results + shell: bash + run: | + # Compare the expected vs the actual + qlt bundle run validate-integration-tests --expected integration-tests/${{ matrix.language }}/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/${{ matrix.language }}.sarif +{% endraw %} +{% endif %} \ No newline at end of file diff --git a/src/CodeQLToolkit.Features/Test/Lifecycle/Targets/Actions/InitLifecycleTarget.cs b/src/CodeQLToolkit.Features/Test/Lifecycle/Targets/Actions/InitLifecycleTarget.cs index e430196..be693c4 100644 --- a/src/CodeQLToolkit.Features/Test/Lifecycle/Targets/Actions/InitLifecycleTarget.cs +++ b/src/CodeQLToolkit.Features/Test/Lifecycle/Targets/Actions/InitLifecycleTarget.cs @@ -45,8 +45,7 @@ public override void Run() var message = @"------------------------------------------ Your repository now has the CodeQL Unit Test Runner installed in `.github/workflows/`. Additionally, -QLT has installed necessary actions for keeping your version of QLT and CodeQL current in `.github/actions/install-qlt` and -`.github/actions/install-codeql`. +QLT has installed necessary actions for keeping your version of QLT and CodeQL current in `.github/actions/install-qlt`. Note that, by default, your runner will use 4 threads and defaults to the `ubuntu-latest` runner. diff --git a/src/CodeQLToolkit.Shared/CodeQL/CodeQLInstallation.cs b/src/CodeQLToolkit.Shared/CodeQL/CodeQLInstallation.cs index 92cae6f..01c443c 100644 --- a/src/CodeQLToolkit.Shared/CodeQL/CodeQLInstallation.cs +++ b/src/CodeQLToolkit.Shared/CodeQL/CodeQLInstallation.cs 
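Review bot: The template fixes `runs-on: ubuntu-latest` and `language: [ 'cpp' ]` outside any `raw` block even though `InitLifecycleTarget` passes `useRunner` and `language` to it, so `--use-runner` and `--language` only change the file name and the workflow title. Using the template variables there (`language: [ '{{language}}' ]`, and the runner under whatever name the engine exposes `useRunner`) would make the generated file follow the options. Every repository that runs `qlt bundle init` also inherits actions referenced by movable tags, two of them deprecated major versions (`actions/upload-artifact@v2`, `github/codeql-action/*@v2`); pinning each `uses:` to a full commit SHA with the version in a trailing comment keeps the generated workflow reproducible. `${{ steps.analysis.outputs.sarif-output }}` is pasted directly into several `run:` scripts; passing it through `env:` and using a quoted shell variable is the safer pattern. The committed `.github/workflows/run-bundle-integration-tests-cpp.yml` in this commit is generated from this template and carries the same lines.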
@@ -16,10 +16,13 @@ public class CodeQLInstallation { public string CLIVersion { get; set; } public string StandardLibraryVersion { get; set; } + + public string CodeQLConfiguration { get; set; } + public string CLIBundle { get; set; } public string StandardLibraryIdent { get; set; } public bool EnableCustomCodeQLBundles { get; set; } - public QLTCustomizationPack[] CustomizationPacks { get; set; } + public CodeQLPackConfiguration[] CodeQLPackConfiguration { get; set; } public bool QuickBundle { get; set; } public string Base { get; set; } @@ -44,8 +47,9 @@ public static CodeQLInstallation LoadFromConfig(QLTConfig c) CLIBundle = config.CodeQLCLIBundle, StandardLibraryIdent = config.CodeQLStandardLibraryIdent, StandardLibraryVersion = config.CodeQLStandardLibrary, - CustomizationPacks = config.CustomizationPacks, - Base = config.Base + CodeQLPackConfiguration = config.CodeQLPackConfiguration, + Base = config.Base, + CodeQLConfiguration = config.CodeQLConfiguration }; @@ -53,9 +57,9 @@ public static CodeQLInstallation LoadFromConfig(QLTConfig c) public void LogPacksToBeBuilt() { - if(CustomizationPacks != null) + if(CodeQLPackConfiguration != null) { - foreach(var p in CustomizationPacks) + foreach(var p in CodeQLPackConfiguration) { Log.G().LogInformation($"Pack: {p}"); } 
@@ -274,14 +278,14 @@ private void CustomBundleInstall() var workingDirectory = Path.GetFullPath(Base); - if(CustomizationPacks == null || CustomizationPacks.Length == 0) + if(CodeQLPackConfiguration == null || CodeQLPackConfiguration.Length == 0) { throw new Exception("No packs are set to be exported. Please add at least one pack to export in your `qlt.conf.json` file under the property `ExportedCustomizationPacks`."); } Log.G().LogInformation($"Building custom bundle. This may take a while..."); - var packsToExport = CustomizationPacks.Where(p => p.Export == true).Select(p => p.Name).ToArray(); + var packsToExport = CodeQLPackConfiguration.Where(p => p.Bundle == true).Select(p => p.Name).ToArray(); var packs = string.Join(" ", packsToExport); // next, we run the bundling tool. @@ -292,7 +296,17 @@ private void CustomBundleInstall() if (QuickBundle) { Log.G().LogInformation($"Note: Quick Bundles enabled and pre-compilation will be disabled..."); - bundleArgs = $"--log DEBUG -nc -b {customBundleSource} -o {CustomBundleOutputDirectory} -w {workingDirectory} {packs}"; + bundleArgs = $"-nc {bundleArgs}"; + } + + if(CodeQLConfiguration!=null && CodeQLConfiguration.Length > 0) + { + Log.G().LogInformation($"Note: Attempting to include default code scanning configuration ..."); + + if (File.Exists(Path.Combine(Base, CodeQLConfiguration))) + { + bundleArgs = $"-c \"{Path.Combine(Base, CodeQLConfiguration)}\" {bundleArgs}"; + } } Log.G().LogInformation($"Executing Bundle Tool with Working Directory: `{workingDirectory}`"); diff --git a/src/CodeQLToolkit.Shared/Utils/QLTConfig.cs b/src/CodeQLToolkit.Shared/Utils/QLTConfig.cs index cb0b5dd..c9663d4 100644 --- a/src/CodeQLToolkit.Shared/Utils/QLTConfig.cs +++ b/src/CodeQLToolkit.Shared/Utils/QLTConfig.cs 
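Review bot: The exception message kept in this hunk still points users at `ExportedCustomizationPacks`, while the property is now `CodeQLPackConfiguration` with a per-pack `Bundle` flag; the text should name those. The guard only tests the array length, so a config whose entries all have `Bundle` set to false passes it and `packs` becomes an empty string handed to the bundle tool; checking `packsToExport.Length == 0` after the `Where` covers that case. CustomBundleInstall starts and ends outside the hunk.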
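Review bot: When `CodeQLConfiguration` is set but the file is missing, the `File.Exists` check falls through silently and the bundle is built without the code scanning configuration the repository asked for; an `else` that logs a warning or throws (for example `throw new FileNotFoundException("CodeQL configuration not found", configPath);`) makes that visible. `Path.Combine(Base, CodeQLConfiguration)` is computed twice here and again in `QLTConfig.CodeQLConfigurationPath`; compute it once, and note that it returns the second argument unchanged when that argument is a rooted path, so the value is not confined to `Base`. The path and the pack names are spliced into one argument string with hand-written quotes; how that string is launched is outside the hunk, so confirm that a path or pack name containing a quote or a space cannot split into extra arguments.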
@@ -7,19 +7,23 @@ namespace CodeQLToolkit.Shared.Utils { - public class QLTCustomizationPack + public class CodeQLPackConfiguration { public string Name { get; set; } - public bool Export { get; set; } - } + public bool Bundle { get; set; } + public bool Publish { get; set;} + public bool ReferencesBundle { get; set; } + + } public class QLTConfig { public string CodeQLCLI { get; set; } public string CodeQLStandardLibrary { get; set; } public string CodeQLCLIBundle { get; set; } + public string CodeQLConfiguration { get; set; } - public QLTCustomizationPack[] CustomizationPacks { get; set; } + public CodeQLPackConfiguration[] CodeQLPackConfiguration { get; set; } public string CodeQLStandardLibraryIdent { get { @@ -31,6 +35,8 @@ public string CodeQLStandardLibraryIdent { } } + [JsonIgnore] + public string CodeQLConfigurationPath { get { return Path.Combine(Base, CodeQLConfiguration); } } [JsonIgnore] public string Base { get; set; }
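Review bot: Renaming the class and its members changes the keys read from `qlt.conf.json` (`CustomizationPacks` to `CodeQLPackConfiguration`, `Export` to `Bundle`) with no fallback for the old names. If the deserializer ignores unknown members (not visible here), an existing config loads with a null pack list and fails later with the "No packs are set to be exported" exception rather than a message about the rename; accepting the old keys for a release, or detecting them and reporting the rename, would help. In the later hunk of this file, `CodeQLConfigurationPath` calls `Path.Combine(Base, CodeQLConfiguration)`, which throws when `CodeQLConfiguration` is absent from the config; return null in that case. `Publish` and `ReferencesBundle` would each benefit from a one-line comment, since no line visible in this commit reads `Publish`.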