Allowing a cached version of the CodeQL bundle sometimes

To save time downloading the CodeQL bundle we're pre-downloading it into the
hosted Actions runner, but because the release schedule is different there may
be some version drift. This change allows a different version of the bundle
to be used than the default if a version isn't explicitly specified, there's
only one version downloaded, and it's been marked as a 'pinned-version' -
otherwise it reverts to the prior behavior.

lib/codeql.js

@@ -116,8 +116,28 @@ async function setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir,
     process.env["RUNNER_TEMP"] = tempDir;
     process.env["RUNNER_TOOL_CACHE"] = toolsDir;
     try {
+        // We use the special value of 'latest' to prioritize the version in the
+        // defaults over any pinned cached version.
+        const forceLatest = codeqlURL === "latest";
+        if (forceLatest) {
+            codeqlURL = undefined;
+        }
         const codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`, logger);
+        // If we find the specified version, we always use that.
         let codeqlFolder = toolcache.find("CodeQL", codeqlURLVersion);
+        // If we don't find the requested version, in some cases we may allow a
+        // different version to save download time if the version hasn't been
+        // specified explicitly (in which case we always honor it).
+        if (!codeqlFolder && !codeqlURL && !forceLatest) {
+            const codeqlVersions = toolcache.findAllVersions("CodeQL");
+            if (codeqlVersions.length === 1) {
+                const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
+                if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
+                    logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
+                    codeqlFolder = tmpCodeqlFolder;
+                }
+            }
+        }
         if (codeqlFolder) {
             logger.debug(`CodeQL found in cache ${codeqlFolder}`);
         }

lib/codeql.test.js

@@ -18,6 +18,7 @@ const codeql = __importStar(require("./codeql"));
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
+const defaults = __importStar(require("./defaults.json"));
 testing_utils_1.setupTests(ava_1.default);
 ava_1.default("download codeql bundle cache", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
@@ -34,6 +35,62 @@ ava_1.default("download codeql bundle cache", async (t) => {
         t.is(cachedVersions.length, 2);
     });
 });
+ava_1.default("download codeql bundle cache explicitly requested with pinned different version cached", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200610/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
+    });
+});
+ava_1.default("don't download codeql bundle cache with pinned different version cached", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        await codeql.setupCodeQL(undefined, "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 1);
+    });
+});
+ava_1.default("download codeql bundle cache with different version cached (not pinned)", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        nock_1.default("https://github.com")
+            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL(undefined, "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 2);
+    });
+});
+ava_1.default('download codeql bundle cache with pinned different version cached if "latests" tools specied', async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        nock_1.default("https://github.com")
+            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("latest", "token", "https://github.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 2);
+    });
+});
 ava_1.default("parse codeql bundle url version", (t) => {
     const tests = {
         "20200601": "0.0.0-20200601",

src/codeql.test.ts

@@ -7,6 +7,7 @@ import * as codeql from "./codeql";
 import { getRunnerLogger } from "./logging";
 import { setupTests } from "./testing-utils";
 import * as util from "./util";
+import * as defaults from "./defaults.json";
 
 setupTests(test);
 
@@ -43,6 +44,177 @@ test("download codeql bundle cache", async (t) => {
   });
 });
 
+test("download codeql bundle cache explicitly requested with pinned different version cached", async (t) => {
+  await util.withTmpDir(async (tmpDir) => {
+    nock("https://example.com")
+      .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+
+    nock("https://example.com")
+      .get(`/download/codeql-bundle-20200610/codeql-bundle.tar.gz`)
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
+  });
+});
+
+test("don't download codeql bundle cache with pinned different version cached", async (t) => {
+  await util.withTmpDir(async (tmpDir) => {
+    nock("https://example.com")
+      .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+
+    await codeql.setupCodeQL(
+      undefined,
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    const cachedVersions = toolcache.findAllVersions("CodeQL");
+
+    t.is(cachedVersions.length, 1);
+  });
+});
+
+test("download codeql bundle cache with different version cached (not pinned)", async (t) => {
+  await util.withTmpDir(async (tmpDir) => {
+    nock("https://example.com")
+      .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+
+    nock("https://github.com")
+      .get(
+        `/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle.tar.gz`
+      )
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      undefined,
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    const cachedVersions = toolcache.findAllVersions("CodeQL");
+
+    t.is(cachedVersions.length, 2);
+  });
+});
+
+test('download codeql bundle cache with pinned different version cached if "latests" tools specied', async (t) => {
+  await util.withTmpDir(async (tmpDir) => {
+    nock("https://example.com")
+      .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+
+    nock("https://github.com")
+      .get(
+        `/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle.tar.gz`
+      )
+      .replyWithFile(
+        200,
+        path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`)
+      );
+
+    await codeql.setupCodeQL(
+      "latest",
+      "token",
+      "https://github.com",
+      tmpDir,
+      tmpDir,
+      "runner",
+      getRunnerLogger(true)
+    );
+
+    const cachedVersions = toolcache.findAllVersions("CodeQL");
+
+    t.is(cachedVersions.length, 2);
+  });
+});
+
 test("parse codeql bundle url version", (t) => {
   const tests = {
     "20200601": "0.0.0-20200601",

src/codeql.ts

@@ -235,12 +235,37 @@ export async function setupCodeQL(
   process.env["RUNNER_TOOL_CACHE"] = toolsDir;
 
   try {
+    // We use the special value of 'latest' to prioritize the version in the
+    // defaults over any pinned cached version.
+    const forceLatest = codeqlURL === "latest";
+    if (forceLatest) {
+      codeqlURL = undefined;
+    }
+
     const codeqlURLVersion = getCodeQLURLVersion(
       codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`,
       logger
     );
 
+    // If we find the specified version, we always use that.
     let codeqlFolder = toolcache.find("CodeQL", codeqlURLVersion);
+
+    // If we don't find the requested version, in some cases we may allow a
+    // different version to save download time if the version hasn't been
+    // specified explicitly (in which case we always honor it).
+    if (!codeqlFolder && !codeqlURL && !forceLatest) {
+      const codeqlVersions = toolcache.findAllVersions("CodeQL");
+      if (codeqlVersions.length === 1) {
+        const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
+        if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
+          logger.debug(
+            `CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`
+          );
+          codeqlFolder = tmpCodeqlFolder;
+        }
+      }
+    }
+
     if (codeqlFolder) {
       logger.debug(`CodeQL found in cache ${codeqlFolder}`);
     } else {