mrva/vscode-codeql
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Move GitHub actions code to separate module (#1044)

Browse Source
This commit is contained in:
Charis Kyriakou
2021-12-10 13:59:20 +00:00
committed by GitHub
parent 73f1beac6a
commit 60c977bff9
4 changed files with 189 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

178
extensions/ql-vscode/src/remote-queries/gh-actions-api-client.ts Normal file
View File

@@ -0,0 +1,178 @@
import * as unzipper from 'unzipper';
import * as path from 'path';
import * as fs from 'fs-extra';
import { showAndLogWarningMessage } from '../helpers';
import { Credentials } from '../authentication';
import { logger } from '../logging';
import { tmpDir } from '../run-queries';
import { RemoteQueryWorkflowResult } from './remote-query-workflow-result';
export interface ResultIndexItem {
nwo: string;
id: string;
results_count: number;
bqrs_file_size: number;
sarif_file_size?: number;
}
/**
* Gets the result index file for a given remote queries run.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param workflowRunId The ID of the workflow run to get the result index for.
* @returns An object containing the result index.
*/
export async function getResultIndex(
credentials: Credentials,
owner: string,
repo: string,
workflowRunId: number
): Promise<ResultIndexItem[]> {
const artifactList = await listWorkflowRunArtifacts(credentials, owner, repo, workflowRunId);
const artifactId = getArtifactIDfromName('result-index', artifactList);
if (!artifactId) {
void showAndLogWarningMessage(
`Could not find a result index for the [specified workflow](https://github.com/${owner}/${repo}/actions/runs/${workflowRunId}).
Please check whether the workflow run has successfully completed.`
);
return [];
}
const artifactPath = await downloadArtifact(credentials, owner, repo, artifactId);
const indexFilePath = path.join(artifactPath, 'index.json');
if (!(await fs.pathExists(indexFilePath))) {
void showAndLogWarningMessage('Could not find an `index.json` file in the result artifact.');
return [];
}
const resultIndex = await fs.readFile(path.join(artifactPath, 'index.json'), 'utf8');
try {
return JSON.parse(resultIndex);
} catch (error) {
throw new Error(`Invalid result index file: ${error}`);
}
}
/**
* Gets the status of a workflow run.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param workflowRunId The ID of the workflow run to get the result index for.
* @returns The workflow run status.
*/
export async function getWorkflowStatus(
credentials: Credentials,
owner: string,
repo: string,
workflowRunId: number): Promise<RemoteQueryWorkflowResult> {
const octokit = await credentials.getOctokit();
const workflowRun = await octokit.rest.actions.getWorkflowRun({
owner,
repo,
run_id: workflowRunId
});
if (workflowRun.data.status === 'completed') {
if (workflowRun.data.conclusion === 'success') {
return { status: 'CompletedSuccessfully' };
} else {
const error = getWorkflowError(workflowRun.data.conclusion);
return { status: 'CompletedUnsuccessfully', error };
}
}
return { status: 'InProgress' };
}
/**
* Lists the workflow run artifacts for the given workflow run ID.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param workflowRunId The ID of the workflow run to list artifacts for.
* @returns An array of artifact details (including artifact name and ID).
*/
async function listWorkflowRunArtifacts(
credentials: Credentials,
owner: string,
repo: string,
workflowRunId: number
) {
const octokit = await credentials.getOctokit();
const response = await octokit.rest.actions.listWorkflowRunArtifacts({
owner,
repo,
run_id: workflowRunId,
});
return response.data.artifacts;
}
/**
* @param artifactName The artifact name, as a string.
* @param artifacts An array of artifact details (from the "list workflow run artifacts" API response).
* @returns The artifact ID corresponding to the given artifact name.
*/
function getArtifactIDfromName(artifactName: string, artifacts: Array<{ id: number, name: string }>): number | undefined {
const artifact = artifacts.find(a => a.name === artifactName);
return artifact?.id;
}
/**
* Downloads an artifact from a workflow run.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param artifactId The ID of the artifact to download.
* @returns The path to the enclosing directory of the unzipped artifact.
*/
async function downloadArtifact(
credentials: Credentials,
owner: string,
repo: string,
artifactId: number
): Promise<string> {
const octokit = await credentials.getOctokit();
const response = await octokit.rest.actions.downloadArtifact({
owner,
repo,
artifact_id: artifactId,
archive_format: 'zip',
});
const artifactPath = path.join(tmpDir.name, `${artifactId}`);
void logger.log(`Downloading artifact to ${artifactPath}.zip`);
await fs.writeFile(
`${artifactPath}.zip`,
Buffer.from(response.data as ArrayBuffer)
);
void logger.log(`Extracting artifact to ${artifactPath}`);
await (
await unzipper.Open.file(`${artifactPath}.zip`)
).extract({ path: artifactPath });
return artifactPath;
}
function getWorkflowError(conclusion: string | null): string {
if (!conclusion) {
return 'Workflow finished without a conclusion';
}
if (conclusion === 'cancelled') {
return 'The remote query execution was cancelled.';
}
if (conclusion === 'timed_out') {
return 'The remote query execution timed out.';
}
if (conclusion === 'failure') {
// TODO: Get the actual error from the workflow or potentially
// from an artifact from the action itself.
return 'The remote query execution has failed.';
}
return `Unexpected query execution conclusion: ${conclusion}`;
}

3
extensions/ql-vscode/src/remote-queries/remote-queries-manager.ts
View File

@@ -4,7 +4,8 @@ import { CodeQLCliServer } from '../cli';
import { ProgressCallback } from '../commandRunner';
import { showAndLogErrorMessage, showInformationMessageWithAction } from '../helpers';
import { Logger } from '../logging';
import { getResultIndex, ResultIndexItem, runRemoteQuery } from './run-remote-query';
import { runRemoteQuery } from './run-remote-query';
import { getResultIndex, ResultIndexItem } from './gh-actions-api-client';
import { RemoteQueriesInterfaceManager } from './remote-queries-interface';
import { RemoteQuery } from './remote-query';
import { RemoteQueriesMonitor } from './remote-queries-monitor';

44
extensions/ql-vscode/src/remote-queries/remote-queries-monitor.ts
View File

@@ -1,6 +1,7 @@
import * as vscode from 'vscode';
import { Credentials } from '../authentication';
import { Logger } from '../logging';
import { getWorkflowStatus } from './gh-actions-api-client';
import { RemoteQuery } from './remote-query';
import { RemoteQueryWorkflowResult } from './remote-query-workflow-result';
@@ -28,26 +29,19 @@ export class RemoteQueriesMonitor {
let attemptCount = 0;
const octokit = await credentials.getOctokit();
while (attemptCount <= RemoteQueriesMonitor.maxAttemptCount) {
if (cancellationToken && cancellationToken.isCancellationRequested) {
return { status: 'Cancelled' };
}
const workflowRun = await octokit.rest.actions.getWorkflowRun({
owner: remoteQuery.controllerRepository.owner,
repo: remoteQuery.controllerRepository.name,
run_id: remoteQuery.actionsWorkflowRunId
});
const workflowStatus = await getWorkflowStatus(
credentials,
remoteQuery.controllerRepository.owner,
remoteQuery.controllerRepository.name,
remoteQuery.actionsWorkflowRunId);
if (workflowRun.data.status === 'completed') {
if (workflowRun.data.conclusion === 'success') {
return { status: 'CompletedSuccessfully' };
} else {
const error = this.getWorkflowError(workflowRun.data.conclusion);
return { status: 'CompletedUnsuccessfully', error };
}
if (workflowStatus.status !== 'InProgress') {
return workflowStatus;
}
await this.sleep(RemoteQueriesMonitor.sleepTime);
@@ -61,28 +55,6 @@ export class RemoteQueriesMonitor {
private async sleep(ms: number) {
return new Promise(resolve => setTimeout(resolve, ms));
}
private getWorkflowError(conclusion: string | null): string {
if (!conclusion) {
return 'Workflow finished without a conclusion';
}
if (conclusion === 'cancelled') {
return 'The remote query execution was cancelled.';
}
if (conclusion === 'timed_out') {
return 'The remote query execution timed out.';
}
if (conclusion === 'failure') {
// TODO: Get the actual error from the workflow or potentially
// from an artifact from the action itself.
return 'The remote query execution has failed.';
}
return `Unexpected query execution conclusion: ${conclusion}`;
}
}

118
extensions/ql-vscode/src/remote-queries/run-remote-query.ts
View File

@@ -3,7 +3,7 @@ import * as path from 'path';
import * as yaml from 'js-yaml';
import * as fs from 'fs-extra';
import * as tmp from 'tmp-promise';
import { askForLanguage, findLanguage, getOnDiskWorkspaceFolders, showAndLogErrorMessage, showAndLogInformationMessage, showAndLogWarningMessage, showInformationMessageWithAction } from '../helpers';
import { askForLanguage, findLanguage, getOnDiskWorkspaceFolders, showAndLogErrorMessage, showAndLogInformationMessage, showInformationMessageWithAction } from '../helpers';
import { Credentials } from '../authentication';
import * as cli from '../cli';
import { logger } from '../logging';
@@ -11,7 +11,6 @@ import { getRemoteControllerRepo, getRemoteRepositoryLists, setRemoteControllerR
import { tmpDir } from '../run-queries';
import { ProgressCallback, UserCancellationException } from '../commandRunner';
import { OctokitResponse } from '@octokit/types/dist-types';
import * as unzipper from 'unzipper';
import { RemoteQuery } from './remote-query';
import { RemoteQuerySubmissionResult } from './remote-query-submission-result';
@@ -452,121 +451,6 @@ async function ensureNameAndSuite(queryPackDir: string, packRelativePath: string
await fs.writeFile(packPath, yaml.safeDump(qlpack));
}
/**
* Lists the workflow run artifacts for the given workflow run ID.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param workflowRunId The ID of the workflow run to list artifacts for.
* @returns An array of artifact details (including artifact name and ID).
*/
async function listWorkflowRunArtifacts(
credentials: Credentials,
owner: string,
repo: string,
workflowRunId: number
) {
const octokit = await credentials.getOctokit();
const response = await octokit.rest.actions.listWorkflowRunArtifacts({
owner,
repo,
run_id: workflowRunId,
});
return response.data.artifacts;
}
/**
* @param artifactName The artifact name, as a string.
* @param artifacts An array of artifact details (from the "list workflow run artifacts" API response).
* @returns The artifact ID corresponding to the given artifact name.
*/
function getArtifactIDfromName(artifactName: string, artifacts: Array<{ id: number, name: string }>): number | undefined {
const artifact = artifacts.find(a => a.name === artifactName);
return artifact?.id;
}
/**
* Downloads an artifact from a workflow run.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param artifactId The ID of the artifact to download.
* @returns The path to the enclosing directory of the unzipped artifact.
*/
async function downloadArtifact(
credentials: Credentials,
owner: string,
repo: string,
artifactId: number
): Promise<string> {
const octokit = await credentials.getOctokit();
const response = await octokit.rest.actions.downloadArtifact({
owner,
repo,
artifact_id: artifactId,
archive_format: 'zip',
});
const artifactPath = path.join(tmpDir.name, `${artifactId}`);
void logger.log(`Downloading artifact to ${artifactPath}.zip`);
await fs.writeFile(
`${artifactPath}.zip`,
Buffer.from(response.data as ArrayBuffer)
);
void logger.log(`Extracting artifact to ${artifactPath}`);
await (
await unzipper.Open.file(`${artifactPath}.zip`)
).extract({ path: artifactPath });
return artifactPath;
}
export interface ResultIndexItem {
nwo: string;
id: string;
results_count: number;
bqrs_file_size: number;
sarif_file_size?: number;
}
/**
* Gets the result index file for a given remote queries run.
* @param credentials Credentials for authenticating to the GitHub API.
* @param owner
* @param repo
* @param workflowRunId The ID of the workflow run to get the result index for.
* @returns An object containing the result index.
*/
export async function getResultIndex(
credentials: Credentials,
owner: string,
repo: string,
workflowRunId: number
): Promise<ResultIndexItem[]> {
const artifactList = await listWorkflowRunArtifacts(credentials, owner, repo, workflowRunId);
const artifactId = getArtifactIDfromName('result-index', artifactList);
if (!artifactId) {
void showAndLogWarningMessage(
`Could not find a result index for the [specified workflow](https://github.com/${owner}/${repo}/actions/runs/${workflowRunId}).
Please check whether the workflow run has successfully completed.`
);
return [];
}
const artifactPath = await downloadArtifact(credentials, owner, repo, artifactId);
const indexFilePath = path.join(artifactPath, 'index.json');
if (!(await fs.pathExists(indexFilePath))) {
void showAndLogWarningMessage('Could not find an `index.json` file in the result artifact.');
return [];
}
const resultIndex = await fs.readFile(path.join(artifactPath, 'index.json'), 'utf8');
try {
return JSON.parse(resultIndex);
} catch (error) {
throw new Error(`Invalid result index file: ${error}`);
}
}
function buildRemoteQueryEntity(
repositories: string[],
queryFilePath: string,