Merge branch 'main' into henrymercer/require-cli-2.6.3

.github/workflows/debug-artifacts-failure.yml

@@ -35,6 +35,9 @@ jobs:
         uses: ./.github/prepare-test
         with:
           version: latest
+      - uses: actions/setup-go@v3
+        with:
+          go-version: ^1.13.1
       - uses: ./../action/init
         with:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -87,4 +90,5 @@ jobs:
             popd
           done
         env:
+          GO111MODULE: auto
           INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

.github/workflows/debug-artifacts.yml

@@ -55,6 +55,9 @@ jobs:
         uses: ./.github/prepare-test
         with:
           version: ${{ matrix.version }}
+      - uses: actions/setup-go@v3
+        with:
+          go-version: ^1.13.1
       - uses: ./../action/init
         with:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -113,4 +116,5 @@ jobs:
             done
           done
         env:
+          GO111MODULE: auto
           INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

CHANGELOG.md

@@ -2,6 +2,10 @@
 
 ## [UNRELEASED]
 
+- Go is now analyzed in the same way as other compiled languages such as C/C++, C#, and Java. This completes the rollout of the feature described in [CodeQL Action version 2.1.27](#2127---06-oct-2022). [#1322](https://github.com/github/codeql-action/pull/1322)
+
+## 2.1.32 - 14 Nov 2022
+
 - Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348)
 - Update the ML-powered additional query pack for JavaScript to version 0.4.0. [#1351](https://github.com/github/codeql-action/pull/1351)
 - Bump the minimum CodeQL bundle version to 2.6.3. [#1358](https://github.com/github/codeql-action/pull/1358)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.1.32",
+  "version": "2.1.33",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

pr-checks/checks/go-reconciled-tracing-autobuilder.yml → pr-checks/checks/go-tracing-autobuilder.yml

@@ -1,8 +1,7 @@
-name: "Go: Reconciled tracing with autobuilder"
-description: "Checks that Go reconciled tracing works when using an autobuilder step"
+name: "Go: tracing with autobuilder step"
+description: "Checks that Go tracing works when using an autobuilder step"
 operatingSystems: ["ubuntu", "macos"]
 env:
-  CODEQL_ACTION_RECONCILE_GO_EXTRACTION: "true"
   DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
 steps:
   - uses: actions/setup-go@v3

pr-checks/checks/go-reconciled-tracing-custom-build-steps.yml → pr-checks/checks/go-tracing-custom-build-steps.yml

@@ -1,8 +1,6 @@
-name: "Go: Reconciled tracing with custom build steps"
-description: "Checks that reconciled Go tracing traces the build when using custom build steps"
-env:
-  # Enable reconciled Go tracing beta functionality
-  CODEQL_ACTION_RECONCILE_GO_EXTRACTION: "true"
+name: "Go: tracing with custom build steps"
+description: "Checks that Go tracing traces the build when using custom build steps"
+operatingSystems: ["ubuntu", "macos"]
 steps:
   - uses: actions/setup-go@v3
     with:

pr-checks/checks/go-reconciled-tracing-legacy-workflow.yml → pr-checks/checks/go-tracing-legacy-workflow.yml

@@ -1,9 +1,7 @@
-name: "Go: Reconciled tracing with legacy workflow"
+name: "Go: tracing with legacy workflow"
 description: "Checks that we run the autobuilder in legacy workflows with neither an autobuild step nor manual build steps"
 operatingSystems: ["ubuntu", "macos"]
 env:
-  # Enable reconciled Go tracing beta functionality
-  CODEQL_ACTION_RECONCILE_GO_EXTRACTION: "true"
   DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
 steps:
   - uses: actions/setup-go@v3

pr-checks/checks/ruby-autodetect.yml

@@ -0,0 +1,26 @@
+# This check should be combined into `multi-language-autodetect.yml` once Ruby is GA'ed 
+# and the `CODEQL_ENABLE_EXPERIMENTAL_FEATURES` environment variable is not needed.
+name: "Ruby analysis using autodetect"
+description: "Tests creation of a Ruby database when language isn't specified in init"
+versions: ["latest", "cached", "nightly-latest"]
+operatingSystems: ["ubuntu", "macos"]
+env:
+  CODEQL_ENABLE_EXPERIMENTAL_FEATURES: "true"
+steps:
+  - uses: ./../action/init
+    with:
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+    env:
+      TEST_MODE: true
+  - uses: ./../action/analyze
+    id: analysis
+    env:
+      TEST_MODE: true
+  - name: Check database
+    shell: bash
+    run: |
+      RUBY_DB="${{ fromJson(steps.analysis.outputs.db-locations).ruby }}"
+      if [[ ! -d "$RUBY_DB" ]]; then
+        echo "Did not create a database for Ruby."
+        exit 1
+      fi

pr-checks/checks/swift-autobuild.yml

@@ -0,0 +1,27 @@
+name: "Swift analysis using autobuild"
+description: "Tests creation of a Swift database using autobuild"
+versions: ["latest", "cached", "nightly-latest"]
+# Swift autobuilder is only supported on MacOS for private beta
+operatingSystems: ["macos"]
+env:
+  CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: "true"
+steps:
+  - uses: ./../action/init
+    with:
+      languages: swift
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+    env:
+      TEST_MODE: true
+  - uses: ./../action/autobuild
+  - uses: ./../action/analyze
+    id: analysis
+    env:
+      TEST_MODE: true
+  - name: Check database
+    shell: bash
+    run: |
+      SWIFT_DB="${{ fromJson(steps.analysis.outputs.db-locations).swift }}"
+      if [[ ! -d "$SWIFT_DB" ]]; then
+        echo "Did not create a database for Swift."
+        exit 1
+      fi

pr-checks/checks/swift-custom-build.yml

@@ -0,0 +1,29 @@
+name: "Swift analysis using a custom build command"
+description: "Tests creation of a Swift database using custom build"
+versions: ["latest", "cached", "nightly-latest"]
+operatingSystems: ["ubuntu", "macos"]
+env:
+  CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: "true"
+  DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
+steps:
+  - uses: ./../action/init
+    with:
+      languages: swift
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+    env:
+      TEST_MODE: true
+  - name: Build code
+    shell: bash
+    run: ./build.sh
+  - uses: ./../action/analyze
+    id: analysis
+    env:
+      TEST_MODE: true
+  - name: Check database
+    shell: bash
+    run: |
+      SWIFT_DB="${{ fromJson(steps.analysis.outputs.db-locations).swift }}"
+      if [[ ! -d "$SWIFT_DB" ]]; then
+        echo "Did not create a database for Swift."
+        exit 1
+      fi

src/analyze-action.ts

@@ -19,7 +19,7 @@ import { runAutobuild } from "./autobuild";
 import { getCodeQL } from "./codeql";
 import { Config, getConfig } from "./config-utils";
 import { uploadDatabases } from "./database-upload";
-import { FeatureEnablement, Features } from "./feature-flags";
+import { Features } from "./feature-flags";
 import { Language } from "./languages";
 import { getActionsLogger, Logger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
@@ -127,45 +127,36 @@ function doesGoExtractionOutputExist(config: Config): boolean {
 }
 
 /**
- * When Go extraction reconciliation is enabled, either via the feature
- * or an environment variable, we will attempt to autobuild Go to preserve
- * compatibility for users who have set up Go using a legacy scanning style
- * CodeQL workflow, i.e. one without an autobuild step or manual build
- * steps.
+ * We attempt to autobuild Go to preserve compatibility for users who have
+ * set up Go using a legacy scanning style CodeQL workflow, i.e. one without
+ * an autobuild step or manual build steps.
  *
  * - We detect whether an autobuild step is present by checking the
  * `util.DID_AUTOBUILD_GO_ENV_VAR_NAME` environment variable, which is set
  * when the autobuilder is invoked.
  * - We approximate whether manual build steps are present by looking at
  * whether any extraction output already exists for Go.
  */
-async function runAutobuildIfLegacyGoWorkflow(
-  config: Config,
-  featureEnablement: FeatureEnablement,
-  logger: Logger
-) {
+async function runAutobuildIfLegacyGoWorkflow(config: Config, logger: Logger) {
   if (!config.languages.includes(Language.go)) {
     return;
   }
-  if (!(await util.isGoExtractionReconciliationEnabled(featureEnablement))) {
-    logger.debug(
-      "Won't run Go autobuild since Go extraction reconciliation is not enabled."
-    );
-    return;
-  }
   if (process.env[util.DID_AUTOBUILD_GO_ENV_VAR_NAME] === "true") {
-    // This log line is info level while Go extraction reconciliation is in beta.
-    // We will make it debug level once Go extraction reconciliation is GA.
-    logger.info("Won't run Go autobuild since it has already been run.");
+    logger.debug("Won't run Go autobuild since it has already been run.");
     return;
   }
   // This captures whether a user has added manual build steps for Go
   if (doesGoExtractionOutputExist(config)) {
-    // This log line is info level while Go extraction reconciliation is in beta.
-    // We will make it debug level once Go extraction reconciliation is GA.
-    logger.info(
+    logger.debug(
       "Won't run Go autobuild since at least one file of Go code has already been extracted."
     );
+    // If the user has run the manual build step, and has set the `CODEQL_EXTRACTOR_GO_BUILD_TRACING`
+    // variable, we suggest they remove it from their workflow.
+    if ("CODEQL_EXTRACTOR_GO_BUILD_TRACING" in process.env) {
+      logger.warning(
+        `The CODEQL_EXTRACTOR_GO_BUILD_TRACING environment variable has no effect on workflows with manual build steps, so we recommend that you remove it from your workflow.`
+      );
+    }
     return;
   }
   await runAutobuild(Language.go, config, logger);
@@ -236,15 +227,14 @@ async function run() {
       logger
     );
 
-    await runAutobuildIfLegacyGoWorkflow(config, features, logger);
+    await runAutobuildIfLegacyGoWorkflow(config, logger);
 
     dbCreationTimings = await runFinalize(
       outputDir,
       threads,
       memory,
       config,
-      logger,
-      features
+      logger
     );
 
     if (actionsUtil.getRequiredInput("skip-queries") !== "true") {

src/analyze.ts

@@ -43,6 +43,8 @@ export interface QueriesStatusReport {
   analyze_builtin_queries_python_duration_ms?: number;
   /** Time taken in ms to run builtin queries for ruby (or undefined if this language was not analyzed). */
   analyze_builtin_queries_ruby_duration_ms?: number;
+  /** Time taken in ms to run builtin queries for swift (or undefined if this language was not analyzed). */
+  analyze_builtin_queries_swift_duration_ms?: number;
   /** Time taken in ms to run custom queries for cpp (or undefined if this language was not analyzed). */
   analyze_custom_queries_cpp_duration_ms?: number;
   /** Time taken in ms to run custom queries for csharp (or undefined if this language was not analyzed). */
@@ -57,6 +59,8 @@ export interface QueriesStatusReport {
   analyze_custom_queries_python_duration_ms?: number;
   /** Time taken in ms to run custom queries for ruby (or undefined if this language was not analyzed). */
   analyze_custom_queries_ruby_duration_ms?: number;
+  /** Time taken in ms to run custom queries for swift (or undefined if this language was not analyzed). */
+  analyze_custom_queries_swift_duration_ms?: number;
   /** Time taken in ms to interpret results for cpp (or undefined if this language was not analyzed). */
   interpret_results_cpp_duration_ms?: number;
   /** Time taken in ms to interpret results for csharp (or undefined if this language was not analyzed). */
@@ -71,6 +75,8 @@ export interface QueriesStatusReport {
   interpret_results_python_duration_ms?: number;
   /** Time taken in ms to interpret results for ruby (or undefined if this language was not analyzed). */
   interpret_results_ruby_duration_ms?: number;
+  /** Time taken in ms to interpret results for swift (or undefined if this language was not analyzed). */
+  interpret_results_swift_duration_ms?: number;
   /** Name of language that errored during analysis (or undefined if no language failed). */
   analyze_failure_language?: string;
 }
@@ -115,20 +121,15 @@ async function setupPythonExtractor(logger: Logger) {
 export async function createdDBForScannedLanguages(
   codeql: CodeQL,
   config: configUtils.Config,
-  logger: Logger,
-  featureEnablement: FeatureEnablement
+  logger: Logger
 ) {
   // Insert the LGTM_INDEX_X env vars at this point so they are set when
   // we extract any scanned languages.
   analysisPaths.includeAndExcludeAnalysisPaths(config);
 
   for (const language of config.languages) {
     if (
-      isScannedLanguage(
-        language,
-        await util.isGoExtractionReconciliationEnabled(featureEnablement),
-        logger
-      ) &&
+      isScannedLanguage(language) &&
       !dbIsFinalized(config, language, logger)
     ) {
       logger.startGroup(`Extracting ${language}`);
@@ -166,13 +167,12 @@ async function finalizeDatabaseCreation(
   config: configUtils.Config,
   threadsFlag: string,
   memoryFlag: string,
-  logger: Logger,
-  featureEnablement: FeatureEnablement
+  logger: Logger
 ): Promise<DatabaseCreationTimings> {
   const codeql = await getCodeQL(config.codeQLCmd);
 
   const extractionStart = performance.now();
-  await createdDBForScannedLanguages(codeql, config, logger, featureEnablement);
+  await createdDBForScannedLanguages(codeql, config, logger);
   const extractionTime = performance.now() - extractionStart;
 
   const trapImportStart = performance.now();
@@ -459,8 +459,7 @@ export async function runFinalize(
   threadsFlag: string,
   memoryFlag: string,
   config: configUtils.Config,
-  logger: Logger,
-  featureEnablement: FeatureEnablement
+  logger: Logger
 ): Promise<DatabaseCreationTimings> {
   try {
     await del(outputDir, { force: true });
@@ -475,8 +474,7 @@ export async function runFinalize(
     config,
     threadsFlag,
     memoryFlag,
-    logger,
-    featureEnablement
+    logger
   );
 
   const codeql = await getCodeQL(config.codeQLCmd);
@@ -487,11 +485,7 @@ export async function runFinalize(
   // step.
   if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
     // Delete variables as specified by the end-tracing script
-    await endTracingForCluster(
-      config,
-      await util.isGoExtractionReconciliationEnabled(featureEnablement),
-      logger
-    );
+    await endTracingForCluster(config);
   } else {
     // Delete the tracer config env var to avoid tracing ourselves
     delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];