Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor CodeQL setup #1462

Merged
merged 2 commits into from
Jan 6, 2023
Merged

Refactor CodeQL setup #1462

merged 2 commits into from
Jan 6, 2023

Conversation

henrymercer
Copy link
Contributor

This PR refactors how the Action sets up the CodeQL tools. The aim is to make the code more readable and to set the stage for improving how we roll out new CodeQL versions.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@henrymercer henrymercer requested a review from a team as a code owner January 5, 2023 19:11
angelapwen
angelapwen previously approved these changes Jan 5, 2023
View reviewed changes
Copy link
Contributor

@angelapwen angelapwen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this!!!! It's so much clearer now. And, I learned that we have AssertNever now

aeisenberg
aeisenberg reviewed Jan 5, 2023
View reviewed changes
src/codeql.ts
variant: util.GitHubVariant,
logger: Logger
): Promise<CodeQLToolsSource> {
if (toolsInput && toolsInput !== "latest" && !toolsInput.startsWith("http")) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor:

Suggested change
if (toolsInput && toolsInput !== "latest" && !toolsInput.startsWith("http")) {
if (toolsInput !== "latest" && !toolsInput?.startsWith("http")) {

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that would start accepting toolsInput === undefined, which we don't want here.

src/codeql.ts Outdated
logger.debug("Downloading CodeQL bundle with token.");
headers.authorization = `token ${apiDetails.auth}`;
} else {
logger.debug("Downloading CodeQL bundle without token.");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case, the URL may still have a token search param, Should we explicitly remove it?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this was always here, so maybe not a problem?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"without adding token" would be more accurate — the goal here is to log that we aren't using the token input to init here.

@henrymercer henrymercer merged commit cf1437a into main Jan 6, 2023
@henrymercer henrymercer deleted the henrymercer/refactor-codeql-setup branch January 6, 2023 17:36
This was referenced Jan 12, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeisenberg aeisenberg aeisenberg approved these changes

@angelapwen angelapwen Awaiting requested review from angelapwen

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@henrymercer @aeisenberg @angelapwen