Skip an API call when downloading a CodeQL version with a semver bundle

Previously, we made an API call to look up the CLI version to release
mapping when the default CLI version was requested on Dotcom and that
CLI wasn't in the toolcache.
Now we compute the tag name directly for semver bundles.

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_NEW_ANALYSIS_SUMMARY = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_NEW_ANALYSIS_SUMMARY = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@@ -99,6 +99,10 @@ exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
  * Versions 2.13.4+ of the CodeQL CLI support the `resolve build-environment` command.
  */
 exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = "2.13.4";
+/**
+ * Versions 2.13.4+ of the CodeQL CLI had a semantically versioned CodeQL Bundle.
+ */
+exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
 /**
  * Versions 2.14.0+ of the CodeQL CLI support new analysis summaries.
  */

lib/feature-flags.js

@@ -181,14 +181,20 @@ class GitHubFeatureFlags {
     }
     async getDefaultCliVersion(variant) {
         if (variant === util.GitHubVariant.DOTCOM) {
-            const defaultDotComCliVersion = await this.getDefaultDotcomCliVersion();
-            return {
-                cliVersion: defaultDotComCliVersion.version,
-                toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
-                    ? defaultDotComCliVersion.toolsFeatureFlagsValid
-                    : undefined,
+            const defaultDotcomCliVersion = await this.getDefaultDotcomCliVersion();
+            const cliVersion = defaultDotcomCliVersion.version;
+            const result = {
+                cliVersion,
                 variant,
             };
+            if (semver.gte(cliVersion, codeql_1.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)) {
+                result.tagName = `codeql-bundle-v${cliVersion}`;
+            }
+            if (this.hasAccessedRemoteFeatureFlags) {
+                result.toolsFeatureFlagsValid =
+                    defaultDotcomCliVersion.toolsFeatureFlagsValid;
+            }
+            return result;
         }
         return {
             cliVersion: defaults.cliVersion,

lib/feature-flags.test.js

@@ -247,6 +247,21 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         });
     });
 });
+(0, ava_1.default)("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
+    await (0, util_1.withTmpDir)(async (tmpDir) => {
+        const features = setUpFeatureFlagTests(tmpDir);
+        const expectedFeatureEnablement = initializeFeatures(true);
+        expectedFeatureEnablement["default_codeql_version_2_20_0_enabled"] = true;
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
+        const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
+        t.deepEqual(defaultCliVersion, {
+            cliVersion: "2.20.0",
+            tagName: "codeql-bundle-v2.20.0",
+            toolsFeatureFlagsValid: true,
+            variant: util_1.GitHubVariant.DOTCOM,
+        });
+    });
+});
 (0, ava_1.default)(`selects CLI from defaults.json on Dotcom when no default version feature flags are enabled`, async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const features = setUpFeatureFlagTests(tmpDir);
@@ -255,6 +270,7 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
         t.deepEqual(defaultCliVersion, {
             cliVersion: defaults.cliVersion,
+            tagName: defaults.bundleVersion,
             toolsFeatureFlagsValid: false,
             variant: util_1.GitHubVariant.DOTCOM,
         });

lib/setup-codeql.js

@@ -326,7 +326,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
     else {
         // Otherwise, use the default CLI version passed in.
         cliVersion = defaultCliVersion.cliVersion;
-        tagName = defaultCliVersion["tagName"];
+        tagName = defaultCliVersion.tagName;
     }
     const bundleVersion = tagName && tryGetBundleVersionFromTagName(tagName, logger);
     const humanReadableVersion = cliVersion ??

src/codeql.ts

@@ -315,6 +315,11 @@ export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
  */
 export const CODEQL_VERSION_RESOLVE_ENVIRONMENT = "2.13.4";
 
+/**
+ * Versions 2.13.4+ of the CodeQL CLI had a semantically versioned CodeQL Bundle.
+ */
+export const CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
+
 /**
  * Versions 2.14.0+ of the CodeQL CLI support new analysis summaries.
  */

src/feature-flags.test.ts

@@ -395,6 +395,25 @@ test("selects CLI v2.12.1 on Dotcom when feature flags enable v2.12.0 and v2.12.
   });
 });
 
+test("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
+  await withTmpDir(async (tmpDir) => {
+    const features = setUpFeatureFlagTests(tmpDir);
+    const expectedFeatureEnablement = initializeFeatures(true);
+    expectedFeatureEnablement["default_codeql_version_2_20_0_enabled"] = true;
+    mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement);
+
+    const defaultCliVersion = await features.getDefaultCliVersion(
+      GitHubVariant.DOTCOM
+    );
+    t.deepEqual(defaultCliVersion, {
+      cliVersion: "2.20.0",
+      tagName: "codeql-bundle-v2.20.0",
+      toolsFeatureFlagsValid: true,
+      variant: GitHubVariant.DOTCOM,
+    });
+  });
+});
+
 test(`selects CLI from defaults.json on Dotcom when no default version feature flags are enabled`, async (t) => {
   await withTmpDir(async (tmpDir) => {
     const features = setUpFeatureFlagTests(tmpDir);
@@ -406,6 +425,7 @@ test(`selects CLI from defaults.json on Dotcom when no default version feature f
     );
     t.deepEqual(defaultCliVersion, {
       cliVersion: defaults.cliVersion,
+      tagName: defaults.bundleVersion,
       toolsFeatureFlagsValid: false,
       variant: GitHubVariant.DOTCOM,
     });

src/feature-flags.ts

@@ -4,7 +4,11 @@ import * as path from "path";
 import * as semver from "semver";
 
 import { getApiClient } from "./api-client";
-import { CODEQL_VERSION_NEW_ANALYSIS_SUMMARY, CodeQL } from "./codeql";
+import {
+  CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED,
+  CODEQL_VERSION_NEW_ANALYSIS_SUMMARY,
+  CodeQL,
+} from "./codeql";
 import * as defaults from "./defaults.json";
 import { Logger } from "./logging";
 import { RepositoryNwo } from "./repository";
@@ -16,6 +20,7 @@ const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
 export type CodeQLDefaultVersionInfo =
   | {
       cliVersion: string;
+      tagName?: string;
       toolsFeatureFlagsValid?: boolean;
       variant: util.GitHubVariant.DOTCOM;
     }
@@ -256,14 +261,24 @@ class GitHubFeatureFlags {
     variant: util.GitHubVariant
   ): Promise<CodeQLDefaultVersionInfo> {
     if (variant === util.GitHubVariant.DOTCOM) {
-      const defaultDotComCliVersion = await this.getDefaultDotcomCliVersion();
-      return {
-        cliVersion: defaultDotComCliVersion.version,
-        toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
-          ? defaultDotComCliVersion.toolsFeatureFlagsValid
-          : undefined,
+      const defaultDotcomCliVersion = await this.getDefaultDotcomCliVersion();
+      const cliVersion = defaultDotcomCliVersion.version;
+      const result: CodeQLDefaultVersionInfo = {
+        cliVersion,
         variant,
       };
+      if (
+        semver.gte(cliVersion, CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)
+      ) {
+        result.tagName = `codeql-bundle-v${cliVersion}`;
+      }
+
+      if (this.hasAccessedRemoteFeatureFlags) {
+        result.toolsFeatureFlagsValid =
+          defaultDotcomCliVersion.toolsFeatureFlagsValid;
+      }
+
+      return result;
     }
     return {
       cliVersion: defaults.cliVersion,

src/setup-codeql.ts

@@ -411,7 +411,7 @@ export async function getCodeQLSource(
   } else {
     // Otherwise, use the default CLI version passed in.
     cliVersion = defaultCliVersion.cliVersion;
-    tagName = defaultCliVersion["tagName"];
+    tagName = defaultCliVersion.tagName;
   }
 
   const bundleVersion =