From c7eea240e2aeef87ca530b48270701eea233e61e Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Thu, 4 Apr 2024 17:10:28 +0200 Subject: [PATCH] Remove python dependency installation logic I've left a few warning logging cases, but overall this feature is no longer supported. --- src/analyze.ts | 45 ++++++-------------------------------------- src/feature-flags.ts | 37 ------------------------------------ src/init-action.ts | 37 ++++++++++-------------------------- src/init.ts | 43 ------------------------------------------ 4 files changed, 16 insertions(+), 146 deletions(-) diff --git a/src/analyze.ts b/src/analyze.ts index 2431def51..3f7a944d4 100644 --- a/src/analyze.ts +++ b/src/analyze.ts @@ -20,7 +20,6 @@ import { EnvVar } from "./environment"; import { FeatureEnablement, Feature, - isPythonDependencyInstallationDisabled, } from "./feature-flags"; import { isScannedLanguage, Language } from "./languages"; import { Logger } from "./logging"; @@ -123,8 +122,6 @@ export interface QueriesStatusReport { async function setupPythonExtractor( logger: Logger, - features: FeatureEnablement, - codeql: CodeQL, ) { const codeqlPython = process.env["CODEQL_PYTHON"]; if (codeqlPython === undefined || codeqlPython.length === 0) { 
@@ -132,41 +129,11 @@ async function setupPythonExtractor( return; } - if (await isPythonDependencyInstallationDisabled(codeql, features)) { - logger.warning( - "We recommend that you remove the CODEQL_PYTHON environment variable from your workflow. This environment variable was originally used to specify a Python executable that included the dependencies of your Python code, however Python analysis no longer uses these dependencies." + - "\nIf you used CODEQL_PYTHON to force the version of Python to analyze as, please use CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION instead, such as 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=2.7' or 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=3.11'.", - ); - return; - } - - const scriptsFolder = path.resolve(__dirname, "../python-setup"); - - let output = ""; - const options = { - listeners: { - stdout: (data: Buffer) => { - output += data.toString(); - }, - }, - }; - - await new toolrunner.ToolRunner( - codeqlPython, - [path.join(scriptsFolder, "find_site_packages.py")], - options, - ).exec(); - logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`); - process.env["LGTM_INDEX_IMPORT_PATH"] = output; - - output = ""; - await new toolrunner.ToolRunner( - codeqlPython, - ["-c", "import sys; print(sys.version_info[0])"], - options, - ).exec(); - logger.info(`Setting LGTM_PYTHON_SETUP_VERSION=${output}`); - process.env["LGTM_PYTHON_SETUP_VERSION"] = output; + logger.warning( + "CODEQL_PYTHON environment variable is no longer supported. Please remove it from your workflow. This environment variable was originally used to specify a Python executable that included the dependencies of your Python code, however Python analysis no longer uses these dependencies." 
+ + "\nIf you used CODEQL_PYTHON to force the version of Python to analyze as, please use CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION instead, such as 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=2.7' or 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=3.11'.", + ); + return; } export async function runExtraction( @@ -186,7 +153,7 @@ export async function runExtraction( if (shouldExtractLanguage(config, language)) { logger.startGroup(`Extracting ${language}`); if (language === Language.python) { - await setupPythonExtractor(logger, features, codeql); + await setupPythonExtractor(logger); } if ( config.buildMode && diff --git a/src/feature-flags.ts b/src/feature-flags.ts index 2f4c75d59..2185c312b 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -49,8 +49,6 @@ export enum Feature { CppTrapCachingEnabled = "cpp_trap_caching_enabled", DisableJavaBuildlessEnabled = "disable_java_buildless_enabled", DisableKotlinAnalysisEnabled = "disable_kotlin_analysis_enabled", - DisablePythonDependencyInstallationEnabled = "disable_python_dependency_installation_enabled", - PythonDefaultIsToSkipDependencyInstallationEnabled = "python_default_is_to_skip_dependency_installation_enabled", ExportDiagnosticsEnabled = "export_diagnostics_enabled", QaTelemetryEnabled = "qa_telemetry_enabled", } 
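Review bot: After this hunk `setupPythonExtractor` performs no setup at all: it no longer runs the executable named by CODEQL_PYTHON and only logs a warning, so the name, the `async` keyword and the trailing `return;` are leftovers. I would drop the `return;` and add a doc comment such as `/** Warns when the unsupported CODEQL_PYTHON variable is set; the value is never executed. */`, so that someone auditing what the action runs from the environment does not have to read the body. If `toolrunner` and `path` were used in analyze.ts only by the removed lines, their imports are now dead, which cannot be confirmed from this hunk. The function's signature and first lines sit in the previous hunk.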
@@ -95,25 +93,6 @@ export const featureConfig: Record< minimumVersion: undefined, defaultValue: false, }, - [Feature.DisablePythonDependencyInstallationEnabled]: { - envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION", - // Although the python extractor only started supporting not extracting installed - // dependencies in 2.13.1, the init-action can still benefit from not installing - // dependencies no matter what codeql version we are using, so therefore the - // minimumVersion is set to 'undefined'. This means that with an old CodeQL version, - // packages available with current python3 installation might get extracted. - minimumVersion: undefined, - defaultValue: false, - }, - [Feature.PythonDefaultIsToSkipDependencyInstallationEnabled]: { - // we can reuse the same environment variable as above. If someone has set it to - // `true` in their workflow this means dependencies are not installed, setting it to - // `false` means dependencies _will_ be installed. The same semantics are applied - // here! - envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION", - minimumVersion: "2.16.0", - defaultValue: true, - }, }; /** @@ -458,19 +437,3 @@ class GitHubFeatureFlags { } } } - -export async function isPythonDependencyInstallationDisabled( - codeql: CodeQL, - features: FeatureEnablement, -): Promise { - return ( - (await features.getValue( - Feature.DisablePythonDependencyInstallationEnabled, - codeql, - )) || - (await features.getValue( - Feature.PythonDefaultIsToSkipDependencyInstallationEnabled, - codeql, - )) - ); -} diff --git a/src/init-action.ts b/src/init-action.ts index 21982a65f..f25c03677 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -19,13 +19,11 @@ import { EnvVar } from "./environment"; import { Feature, Features, - isPythonDependencyInstallationDisabled, } from "./feature-flags"; import { checkInstallPython311, initCodeQL, initConfig, - installPythonDeps, runInit, } from "./init"; import { Language } from "./languages"; 
@@ -294,24 +292,6 @@ async function run() { ); await checkInstallPython311(config.languages, codeql); - - if ( - config.languages.includes(Language.python) && - getRequiredInput("setup-python-dependencies") === "true" - ) { - if (await isPythonDependencyInstallationDisabled(codeql, features)) { - logger.info("Skipping python dependency installation"); - } else { - try { - await installPythonDeps(codeql, logger); - } catch (unwrappedError) { - const error = wrapError(unwrappedError); - logger.warning( - `${error.message} You can call this action with 'setup-python-dependencies: false' to disable this process`, - ); - } - } - } } catch (unwrappedError) { const error = wrapError(unwrappedError); core.setFailed(error.message); @@ -462,18 +442,21 @@ async function run() { } } - // Disable Python dependency extraction if feature flag set - if (await isPythonDependencyInstallationDisabled(codeql, features)) { + // Disable Python dependency extraction if feature flag set From 2.16.0 the default + // for the python extractor is to not perform any library extraction. For versions + // before that, you needed to set this flag to enable this behavior (supported since + // 2.13.1). Since dependency installation is no longer supported in the action, we + + if (await codeQlVersionAbove(codeql, "2.16.0")) { + // do nothing + } else if (await codeQlVersionAbove(codeql, "2.13.1")) { core.exportVariable( "CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true", ); } else { - // From 2.16.0 the default for the python extractor is to not perform any library - // extraction, so we need to set this flag to enable it. - core.exportVariable( - "CODEQL_EXTRACTOR_PYTHON_FORCE_ENABLE_LIBRARY_EXTRACTION_UNTIL_2_17_0", - "true", + logger.warning( + "codeql-action no longer installs Python dependencies. We recommend upgrading to at least CodeQL 2.16.0 to avoid any potential problems due to this.", ); } diff --git a/src/init.ts b/src/init.ts index 0bbdaf5f0..60e01f61b 100644 --- a/src/init.ts 
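Review bot: The comment added above the version check in the `@@ -462,18 +442,21 @@` hunk breaks off mid-sentence ("…no longer supported in the action, we"), and its first line still mentions a feature flag that is no longer consulted and runs into the next sentence ("…if feature flag set From 2.16.0…"). Judging by the code below it, the missing ending is something like `// always disable library extraction on CodeQL versions that support the flag.`, and the stale first sentence can go. Please also confirm that `codeQlVersionAbove` treats its bound as inclusive, because the comment says the behaviour applies "from" 2.16.0 and "since" 2.13.1; neither its definition nor its import is visible in this hunk. For CodeQL older than 2.13.1 the warning would be more useful if it named the consequence instead of "potential problems": the feature-flag comment removed by this commit says that packages available in the runner's own python3 installation might get extracted. `run()` begins and ends outside the hunk.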
+++ b/src/init.ts @@ -138,46 +138,3 @@ export async function checkInstallPython311( ]).exec(); } } - -export async function installPythonDeps(codeql: CodeQL, logger: Logger) { - logger.startGroup("Setup Python dependencies"); - - const scriptsFolder = path.resolve(__dirname, "../python-setup"); - - try { - if (process.platform === "win32") { - await new toolrunner.ToolRunner(await safeWhich.safeWhich("powershell"), [ - path.join(scriptsFolder, "install_tools.ps1"), - ]).exec(); - } else { - await new toolrunner.ToolRunner( - path.join(scriptsFolder, "install_tools.sh"), - ).exec(); - } - const script = "auto_install_packages.py"; - if (process.platform === "win32") { - await new toolrunner.ToolRunner(await safeWhich.safeWhich("py"), [ - "-3", - "-B", - path.join(scriptsFolder, script), - path.dirname(codeql.getPath()), - ]).exec(); - } else { - await new toolrunner.ToolRunner(await safeWhich.safeWhich("python3"), [ - "-B", - path.join(scriptsFolder, script), - path.dirname(codeql.getPath()), - ]).exec(); - } - } catch (e) { - logger.endGroup(); - logger.warning( - `An error occurred while trying to automatically install Python dependencies: ${e}\n` + - "Please make sure any necessary dependencies are installed before calling the codeql-action/analyze " + - "step, and add a 'setup-python-dependencies: false' argument to this step to disable our automatic " + - "dependency installation and avoid this warning.", - ); - return; - } - logger.endGroup(); -}