codeql/.github/workflows/ql-for-ql-tests.yml

name: Run QL for QL Tests

on:
  push:
    branches: [main]
    paths:
      - "ql/**"
      - codeql-workspace.yml
      - .github/workflows/ql-for-ql-tests.yml
  pull_request:
    branches: [main]
    paths:
      - "ql/**"
      - codeql-workspace.yml
      - .github/workflows/ql-for-ql-tests.yml

env:
  CARGO_TERM_COLOR: always

permissions:
  contents: read

jobs:
  qltest:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Find codeql
        id: find-codeql
        uses: github/codeql-action/init@main
        with:
          languages: javascript # does not matter
      - uses: ./.github/actions/os-version
        id: os_version
      - uses: actions/cache@v3
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            ql/target
          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }}
      - name: Check formatting
        run: cd ql; cargo fmt --all -- --check
      - name: Build extractor
        run: |
          cd ql;
          codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});
          env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh
      - name: Cache compilation cache
        id: query-cache
        uses: ./.github/actions/cache-query-compilation
        with: 
          key: ql-for-ql-tests
      - name: Run QL tests
        run: |
          "${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" ql/ql/test
        env:
          CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}

  other-os: 
    strategy:
      matrix:
        os: [macos-latest, windows-latest]
    needs: [qltest]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - name: Install GNU tar 
        if: runner.os == 'macOS'
        run: |
          brew install gnu-tar
          echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
      - name: Find codeql
        id: find-codeql
        uses: github/codeql-action/init@main
        with:
          languages: javascript # does not matter
      - uses: ./.github/actions/os-version
        id: os_version
      - uses: actions/cache@v3
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            ql/target
          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }}
      - name: Build extractor
        if: runner.os != 'Windows'
        run: |
          cd ql;
          codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});
          env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh
      - name: Build extractor (Windows)
        if: runner.os == 'Windows'
        shell: pwsh
        run: |
          cd ql;
          $Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})"
          pwsh ./scripts/create-extractor-pack.ps1
      - name: Run a single QL tests - Unix
        if: runner.os != 'Windows'
        run: |
          "${CODEQL}" test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref
        env:
          CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
      - name: Run a single QL tests - Windows
        if: runner.os == 'Windows'
        shell: pwsh
        run: |
          $Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})"
          codeql test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref