Stop setting CODEQL_RUNNER environment variable if CLI already sets it (#2081)

* Check `setsCodeqlRunnerEnvVar` is set in the CLI with `ToolsFeatures` * Stop setting `CODEQL_RUNNER` env var when CLI does * Add optional `features` parameter in test utils * Test that `CODEQL_RUNNER` is not set if CLI sets it
2026-01-07 07:00:28 +08:00 · 2024-01-12 09:41:07 -08:00
parent eb14aeb61d
commit 96531062ba
18 changed files with 152 additions and 37 deletions
--- a/src/init.ts
+++ b/src/init.ts
@@ -124,7 +124,7 @@ export async function runInit(
  } catch (e) {
    throw processError(e);
  }
-  return await getCombinedTracerConfig(config);
+  return await getCombinedTracerConfig(await codeql.getVersion(), config);
 }

 export function printPathFiltersWarning(
--- a/src/testing-utils.ts
+++ b/src/testing-utils.ts
@@ -211,14 +211,21 @@ export function mockLanguagesInRepo(languages: string[]) {
 /**
 * Constructs a `VersionInfo` object for testing purposes only.
 */
-export const makeVersionInfo = (version: string): CodeQL.VersionInfo => ({
+export const makeVersionInfo = (
+  version: string,
+  features?: { [name: string]: boolean },
+): CodeQL.VersionInfo => ({
  version,
+  features,
 });

-export function mockCodeQLVersion(version: string) {
+export function mockCodeQLVersion(
+  version: string,
+  features?: { [name: string]: boolean },
+) {
  return {
    async getVersion() {
-      return makeVersionInfo(version);
+      return makeVersionInfo(version, features);
    },
  } as CodeQL.CodeQL;
 }
--- a/src/tools-features.test.ts
+++ b/src/tools-features.test.ts
@@ -22,3 +22,17 @@ test("isSupportedToolsFeature", async (t) => {
    ),
  );
 });
+
+test("setsCodeqlRunnerEnvVar", async (t) => {
+  const versionInfo = makeVersionInfo("1.0.0");
+
+  t.false(
+    isSupportedToolsFeature(versionInfo, ToolsFeature.SetsCodeqlRunnerEnvVar),
+  );
+
+  versionInfo.features = { setsCodeqlRunnerEnvVar: true };
+
+  t.true(
+    isSupportedToolsFeature(versionInfo, ToolsFeature.SetsCodeqlRunnerEnvVar),
+  );
+});
--- a/src/tools-features.ts
+++ b/src/tools-features.ts
@@ -2,6 +2,7 @@ import { VersionInfo } from "./codeql";

 export enum ToolsFeature {
  IndirectTracingSupportsStaticBinaries = "indirectTracingSupportsStaticBinaries",
+  SetsCodeqlRunnerEnvVar = "setsCodeqlRunnerEnvVar",
 }

 /**
--- a/src/tracer-config.test.ts
+++ b/src/tracer-config.test.ts
@@ -5,7 +5,7 @@ import test from "ava";

 import * as configUtils from "./config-utils";
 import { Language } from "./languages";
-import { setupTests } from "./testing-utils";
+import { makeVersionInfo, setupTests } from "./testing-utils";
 import { getCombinedTracerConfig } from "./tracer-config";
 import * as util from "./util";

@@ -33,7 +33,10 @@ test("getCombinedTracerConfig - return undefined when no languages are traced la
    const config = getTestConfig(tmpDir);
    // No traced languages
    config.languages = [Language.javascript, Language.python];
-    t.deepEqual(await getCombinedTracerConfig(config), undefined);
+    t.deepEqual(
+      await getCombinedTracerConfig(makeVersionInfo("1.0.0"), config),
+      undefined,
+    );
  });
 });

@@ -66,7 +69,10 @@ test("getCombinedTracerConfig - with start-tracing.json environment file", async
    );
    fs.writeFileSync(startTracingJson, JSON.stringify(startTracingEnv));

-    const result = await getCombinedTracerConfig(config);
+    const result = await getCombinedTracerConfig(
+      makeVersionInfo("1.0.0"),
+      config,
+    );
    t.notDeepEqual(result, undefined);

    const expectedEnv = startTracingEnv;
@@ -93,3 +99,42 @@ test("getCombinedTracerConfig - with start-tracing.json environment file", async
    });
  });
 });
+
+test("getCombinedTracerConfig - with SetsCodeqlRunnerEnvVar feature enabled in CLI", async (t) => {
+  await util.withTmpDir(async (tmpDir) => {
+    const config = getTestConfig(tmpDir);
+
+    const bundlePath = path.join(tmpDir, "bundle");
+    const codeqlPlatform =
+      process.platform === "win32"
+        ? "win64"
+        : process.platform === "darwin"
+        ? "osx64"
+        : "linux64";
+    const startTracingEnv = {
+      foo: "bar",
+      CODEQL_DIST: bundlePath,
+      CODEQL_PLATFORM: codeqlPlatform,
+    };
+
+    const tracingEnvironmentDir = path.join(
+      config.dbLocation,
+      "temp",
+      "tracingEnvironment",
+    );
+    fs.mkdirSync(tracingEnvironmentDir, { recursive: true });
+    const startTracingJson = path.join(
+      tracingEnvironmentDir,
+      "start-tracing.json",
+    );
+    fs.writeFileSync(startTracingJson, JSON.stringify(startTracingEnv));
+
+    const result = await getCombinedTracerConfig(
+      makeVersionInfo("1.0.0", { setsCodeqlRunnerEnvVar: true }),
+      config,
+    );
+    t.notDeepEqual(result, undefined);
+
+    t.false(Object.prototype.hasOwnProperty.call(result?.env, "CODEQL_RUNNER"));
+  });
+});
--- a/src/tracer-config.ts
+++ b/src/tracer-config.ts
@@ -1,8 +1,10 @@
 import * as fs from "fs";
 import * as path from "path";

+import { VersionInfo } from "./codeql";
 import * as configUtils from "./config-utils";
 import { isTracedLanguage } from "./languages";
+import { ToolsFeature, isSupportedToolsFeature } from "./tools-features";

 export type TracerConfig = {
  env: { [key: string]: string };
@@ -59,6 +61,7 @@ export async function getTracerConfigForCluster(
 }

 export async function getCombinedTracerConfig(
+  versionInfo: VersionInfo,
  config: configUtils.Config,
 ): Promise<TracerConfig | undefined> {
  // Abort if there are no traced languages as there's nothing to do
@@ -69,17 +72,25 @@ export async function getCombinedTracerConfig(

  const mainTracerConfig = await getTracerConfigForCluster(config);

-  // On macos it's necessary to prefix the build command with the runner executable
-  // on order to trace when System Integrity Protection is enabled.
-  // The executable also exists and works for other platforms so we output this env
-  // var with a path to the runner regardless so it's always available.
-  const runnerExeName = process.platform === "win32" ? "runner.exe" : "runner";
-  mainTracerConfig.env["CODEQL_RUNNER"] = path.join(
-    mainTracerConfig.env["CODEQL_DIST"],
-    "tools",
-    mainTracerConfig.env["CODEQL_PLATFORM"],
-    runnerExeName,
-  );
+  // If the CLI doesn't yet support setting the CODEQL_RUNNER environment variable to
+  // the runner executable path, we set it here in the Action.
+  if (
+    !isSupportedToolsFeature(versionInfo, ToolsFeature.SetsCodeqlRunnerEnvVar)
+  ) {
+    // On MacOS when System Integrity Protection is enabled, it's necessary to prefix
+    // the build command with the runner executable for indirect tracing, so we expose
+    // it here via the CODEQL_RUNNER environment variable.
+    // The executable also exists and works for other platforms so we unconditionally
+    // set the environment variable.
+    const runnerExeName =
+      process.platform === "win32" ? "runner.exe" : "runner";
+    mainTracerConfig.env["CODEQL_RUNNER"] = path.join(
+      mainTracerConfig.env["CODEQL_DIST"],
+      "tools",
+      mainTracerConfig.env["CODEQL_PLATFORM"],
+      runnerExeName,
+    );
+  }

  return mainTracerConfig;
 }