зеркало из https://github.com/github/codeql.git
Go / configure-baseline: account for multiple vendor directories and the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` setting
Our existing configure-baseline scripts would give the wrong result if a `vendor` directory wasn't at the root of the repository, or if the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` variable was set to `true` indicating the user wants their vendored code scanned. Here I replace the shell scripts that implemented the very simplest behaviour with a small Go program.
This commit is contained in:
Родитель
8b4e060934
Коммит
21366dd502
|
@ -47,6 +47,7 @@ codeql_pkg_files(
|
||||||
"//go/extractor/cli/go-autobuilder",
|
"//go/extractor/cli/go-autobuilder",
|
||||||
"//go/extractor/cli/go-bootstrap",
|
"//go/extractor/cli/go-bootstrap",
|
||||||
"//go/extractor/cli/go-build-runner",
|
"//go/extractor/cli/go-build-runner",
|
||||||
|
"//go/extractor/cli/go-configure-baseline",
|
||||||
"//go/extractor/cli/go-extractor",
|
"//go/extractor/cli/go-extractor",
|
||||||
"//go/extractor/cli/go-gen-dbscheme",
|
"//go/extractor/cli/go-gen-dbscheme",
|
||||||
"//go/extractor/cli/go-tokenizer",
|
"//go/extractor/cli/go-tokenizer",
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
{
|
|
||||||
"paths-ignore": []
|
|
||||||
}
|
|
|
@ -1,5 +0,0 @@
|
||||||
{
|
|
||||||
"paths-ignore": [
|
|
||||||
"vendor/**"
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,6 +1,7 @@
|
||||||
@echo off
|
@echo off
|
||||||
if exist vendor\modules.txt (
|
SETLOCAL EnableDelayedExpansion
|
||||||
type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-vendor.json"
|
|
||||||
) else (
|
type NUL && "%CODEQL_EXTRACTOR_GO_ROOT%/tools/%CODEQL_PLATFORM%/go-configure-baseline.exe"
|
||||||
type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-empty.json"
|
exit /b %ERRORLEVEL%
|
||||||
)
|
|
||||||
|
ENDLOCAL
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
if [ -f vendor/modules.txt ]; then
|
"$CODEQL_EXTRACTOR_GO_ROOT/tools/$CODEQL_PLATFORM/go-configure-baseline"
|
||||||
cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-vendor.json"
|
|
||||||
else
|
|
||||||
cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-empty.json"
|
|
||||||
fi
|
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
# generated running `bazel run //go/gazelle`, do not edit
|
||||||
|
|
||||||
|
load("@rules_go//go:def.bzl", "go_library")
|
||||||
|
load("//go:rules.bzl", "codeql_go_binary")
|
||||||
|
|
||||||
|
go_library(
|
||||||
|
name = "go-configure-baseline_lib",
|
||||||
|
srcs = ["go-configure-baseline.go"],
|
||||||
|
importpath = "github.com/github/codeql-go/extractor/cli/go-configure-baseline",
|
||||||
|
visibility = ["//visibility:private"],
|
||||||
|
deps = ["//go/extractor/configurebaseline"],
|
||||||
|
)
|
||||||
|
|
||||||
|
codeql_go_binary(
|
||||||
|
name = "go-configure-baseline",
|
||||||
|
embed = [":go-configure-baseline_lib"],
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
)
|
|
@ -0,0 +1,14 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/github/codeql-go/extractor/configurebaseline"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
jsonResult, err := configurebaseline.GetConfigBaselineAsJSON(".")
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
} else {
|
||||||
|
println(string(jsonResult))
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,10 @@
|
||||||
|
# generated running `bazel run //go/gazelle`, do not edit
|
||||||
|
|
||||||
|
load("@rules_go//go:def.bzl", "go_library")
|
||||||
|
|
||||||
|
go_library(
|
||||||
|
name = "configurebaseline",
|
||||||
|
srcs = ["configurebaseline.go"],
|
||||||
|
importpath = "github.com/github/codeql-go/extractor/configurebaseline",
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
)
|
|
@ -0,0 +1,48 @@
|
||||||
|
package configurebaseline
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"io/fs"
|
||||||
|
"os"
|
||||||
|
"path"
|
||||||
|
"path/filepath"
|
||||||
|
)
|
||||||
|
|
||||||
|
func fileExists(path string) bool {
|
||||||
|
stat, err := os.Stat(path)
|
||||||
|
return err == nil && stat.Mode().IsRegular()
|
||||||
|
}
|
||||||
|
|
||||||
|
func isGolangVendorDirectory(dirPath string) bool {
|
||||||
|
// Call a directory a Golang vendor directory if it contains a modules.txt file.
|
||||||
|
return path.Base(dirPath) == "vendor" && fileExists(path.Join(dirPath, "modules.txt"))
|
||||||
|
}
|
||||||
|
|
||||||
|
type PathsIgnoreStruct struct {
|
||||||
|
PathsIgnore []string `json:"paths-ignore"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func GetConfigBaselineAsJSON(rootDir string) ([]byte, error) {
|
||||||
|
vendorDirs := make([]string, 0)
|
||||||
|
|
||||||
|
// If CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS is "true":
|
||||||
|
if os.Getenv("CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS") == "true" {
|
||||||
|
// The user wants vendor directories scanned; emit an empty report.
|
||||||
|
} else {
|
||||||
|
filepath.WalkDir(rootDir, func(dirPath string, d fs.DirEntry, err error) error {
|
||||||
|
if err != nil {
|
||||||
|
// Mask any unreadable paths.
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
if isGolangVendorDirectory(dirPath) {
|
||||||
|
vendorDirs = append(vendorDirs, path.Join(dirPath, "**"))
|
||||||
|
return filepath.SkipDir
|
||||||
|
} else {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
outputStruct := PathsIgnoreStruct{PathsIgnore: vendorDirs}
|
||||||
|
return json.Marshal(outputStruct)
|
||||||
|
}
|
Загрузка…
Ссылка в новой задаче