Run the pack download command

2026-01-06 22:50:17 +08:00 · 2021-06-04 13:44:24 -07:00
parent 06687e95c8
commit d87945e9fd
9 changed files with 73 additions and 7 deletions
--- a/src/analyze.ts
+++ b/src/analyze.ts
@@ -178,6 +178,16 @@ export async function runQueries(
    }

    try {
+      if (hasPackWithCustomQueries) {
+        const codeql = getCodeQL(config.codeQLCmd);
+        const results = await codeql.packDownload(packsWithVersion);
+        logger.info(
+          `Downloaded packs: ${results.packs
+            .map((r) => `${r.name}@${r.version || "latest"}`)
+            .join(", ")}`
+        );
+      }
+
      let analysisSummaryBuiltIn = "";
      const customAnalysisSummaries: string[] = [];
      if (queries["builtin"].length > 0) {
@@ -256,6 +266,7 @@ export async function runQueries(
      logger.endGroup();
    } catch (e) {
      logger.info(e);
+      logger.info(e.stack);
      statusReport.analyze_failure_language = language;
      throw new CodeQLAnalysisError(
        statusReport,
--- a/src/codeql.ts
+++ b/src/codeql.ts
@@ -760,7 +760,7 @@ function getCodeQLForCmd(cmd: string): CodeQL {
      await new toolrunner.ToolRunner(cmd, args, {
        listeners: {
          stdout: (data: Buffer) => {
-            output += data.toString("utf8");
+            output += data.toString();
          },
        },
      }).exec();
@@ -781,7 +781,7 @@ function getCodeQLForCmd(cmd: string): CodeQL {
      const args = [
        "pack",
        "download",
-        "-v",
+        "--format=json",
        ...getExtraOptionsFromEnv(["pack", "download"]),
        ...packs.map(packWithVersionToString),
      ];
--- a/src/init-action.ts
+++ b/src/init-action.ts
@@ -1,4 +1,9 @@
+import * as fs from "fs";
+import * as os from "os";
+import * as path from "path";
+
 import * as core from "@actions/core";
+import * as yaml from "js-yaml";

 import {
  createStatusReportBase,
@@ -177,6 +182,28 @@ async function run() {
        );
      }
    }
+
+    ////////////////////////////////
+    // TODO This should not happen in the action, we should be able to
+    // generate the default qlconfig from the CLI
+    // DO NOT COMMIT THIS
+    const defaultQlConfig = {
+      registryKind: "docker",
+      registries: [
+        {
+          url: "https://ghcr.io/v2/",
+          packages: "*",
+        },
+      ],
+    };
+
+    fs.mkdirSync(path.join(os.homedir(), ".codeql"));
+    fs.writeFileSync(
+      path.join(os.homedir(), ".codeql", "qlconfig.yml"),
+      yaml.safeDump(defaultQlConfig),
+      "utf8"
+    );
+    ////////////////////////////////
  } catch (e) {
    core.setFailed(e.message);
    console.log(e);