From a943ea9f2d02660ec589a50303a1a59eb8f1113b Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Tue, 26 Mar 2024 11:52:47 -0400 Subject: [PATCH] Omit Autofix column if no row has it (#49872) --- .../generate-code-scanning-query-lists.yml | 20 +++++++++++-- .github/workflows/lint-code.yml | 8 +++--- .../generate-code-scanning-query-list.ts | 28 +++++++++++++------ 3 files changed, 42 insertions(+), 14 deletions(-) diff --git a/.github/workflows/generate-code-scanning-query-lists.yml b/.github/workflows/generate-code-scanning-query-lists.yml index f130d28f60..9a29cab656 100644 --- a/.github/workflows/generate-code-scanning-query-lists.yml +++ b/.github/workflows/generate-code-scanning-query-lists.yml @@ -14,6 +14,13 @@ on: description: 'Branch to pull the source files from in the codeql repo (for example codeql-cli-2.x.x).' type: string required: true + default: 'main' + + pull_request: + paths: + - .github/workflows/generate-code-scanning-query-lists.yml + - src/code-scanning/scripts/generate-code-scanning-query-list.ts + - .github/actions/install-cocofix/action.yml permissions: contents: write @@ -34,7 +41,7 @@ jobs: with: repository: github/codeql path: codeql - ref: ${{ inputs.SOURCE_BRANCH }} + ref: ${{ inputs.SOURCE_BRANCH || 'main' }} - name: Get the codeql SHA being synced id: codeql @@ -76,13 +83,14 @@ jobs: $lang done - - name: Debug + - name: Insight into diff run: | git diff - name: Create pull request env: GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }} + DRY_RUN: ${{ github.event_name == 'pull_request'}} run: | # If nothing to commit, exit now. It's fine. No orphans. changes=$(git diff --name-only | wc -l) @@ -101,6 +109,14 @@ jobs: # it doesn't "know" about branches locally, so we need to manually list them. branchExists=$(git ls-remote --heads origin refs/heads/$branchname | wc -l) + # When run on a pull_request, we're just testing the tooling. + # Exit before it actually pushes the possible changes. + if [ "$DRY_RUN" = "true" ]; then + echo "Dry-run mode when run in a pull request" + echo "See the 'Insight into diff' step for the changes it would create PR about." + exit 0 + fi + if [ $branchExists -ne 0 ]; then echo "Branch $branchname already exists in the remote repository." exit 0 diff --git a/.github/workflows/lint-code.yml b/.github/workflows/lint-code.yml index b9938cbc4c..d51c0be647 100644 --- a/.github/workflows/lint-code.yml +++ b/.github/workflows/lint-code.yml @@ -39,15 +39,15 @@ jobs: - uses: ./.github/actions/node-npm-setup + - uses: ./.github/actions/install-cocofix + with: + token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW }} + - name: Run linter run: npm run lint - name: Run Prettier run: npm run prettier-check - - uses: ./.github/actions/install-cocofix - with: - token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW }} - - name: Run TypeScript run: npm run tsc diff --git a/src/code-scanning/scripts/generate-code-scanning-query-list.ts b/src/code-scanning/scripts/generate-code-scanning-query-list.ts index 406f7a652e..f05d2f2fab 100644 --- a/src/code-scanning/scripts/generate-code-scanning-query-list.ts +++ b/src/code-scanning/scripts/generate-code-scanning-query-list.ts @@ -55,8 +55,8 @@ import chalk from 'chalk' import { program } from 'commander' // We don't want to introduce a global dependency on @github/cocofix, so we install it by hand // as described above and suppress the import warning. -import { getSupportedQueries } from '@github/cocofix/dist/querySuites' // eslint-disable-line import/no-unresolved -import { type Language } from '@github/cocofix/dist/codeql' // eslint-disable-line import/no-unresolved +import { getSupportedQueries } from '@github/cocofix/dist/querySuites' // eslint-disable-line import/no-extraneous-dependencies +import { type Language } from '@github/cocofix/dist/codeql' // eslint-disable-line import/no-extraneous-dependencies program .description('Generate a reusable Markdown for for a code scanning query language') @@ -164,14 +164,24 @@ async function main(options: Options, language: string) { const entries = Object.values(queries) entries.sort((a, b) => a.name.localeCompare(b.name)) - printQueries(options, entries) + + // At the moment, our chosen business logic is that we omit the Autofix + // column if there are no queries that support it. + // In a future rendition we might revisit this to make it configurable + // instead. + const includeAutofix = entries.some((query) => query.autofixSupport !== 'none') + console.warn(`${includeAutofix ? 'Including' : 'Excluding'} 'Autofix' column for ${language}`) + printQueries(options, entries, includeAutofix) } -function printQueries(options: Options, queries: Query[]) { +function printQueries(options: Options, queries: Query[], includeAutofix: boolean) { const markdown = [] markdown.push('{% rowheaders %}') markdown.push('') // blank line - const header = ['Query name', 'Related CWEs', 'Default', 'Extended', 'Autofix'] + const header = ['Query name', 'Related CWEs', 'Default', 'Extended'] + if (includeAutofix) { + header.push('Autofix') + } markdown.push(`| ${header.join(' | ')} |`) markdown.push(`| ${header.map(() => '---').join(' | ')} |`) @@ -192,9 +202,11 @@ function printQueries(options: Options, queries: Query[]) { if (query.autofixSupport === 'default') { autofixIcon = includedOcticon } - markdown.push( - `| ${markdownLink} | ${query.cwes.join(', ')} | ${defaultIcon} | ${extendedIcon} | ${autofixIcon} |`, - ) + const row = [markdownLink, query.cwes.join(', '), defaultIcon, extendedIcon] + if (includeAutofix) { + row.push(autofixIcon) + } + markdown.push(`| ${row.join(' | ')} |`) } markdown.push('') // blank line markdown.push('{% endrowheaders %}')