diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c4096383e..538062b23 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -112127,7 +112127,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) { } async function addFingerprints(sarif, sourceRoot, logger) { logger.info( - `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` + `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` ); const callbacksByFile = {}; for (const run2 of sarif.runs || []) { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index c93ca8567..4433a621c 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -168851,7 +168851,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) { } async function addFingerprints(sarif, sourceRoot, logger) { logger.info( - `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` + `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` ); const callbacksByFile = {}; for (const run3 of sarif.runs || []) { 
diff --git a/lib/init-action.js b/lib/init-action.js index 02aa9b762..03a2ee16e 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -106158,6 +106158,7 @@ async function runnerSupportsOverlayAnalysis(diskUsage, ramInput, logger) { async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, buildMode, ramInput, codeScanningConfig, gitVersion, logger) { let overlayDatabaseMode = "none" /* None */; let useOverlayDatabaseCaching = false; + let skippedDueToCachedStatus = false; const modeEnv = process.env.CODEQL_OVERLAY_DATABASE_MODE; if (modeEnv === "overlay" /* Overlay */ || modeEnv === "overlay-base" /* OverlayBase */ || modeEnv === "none" /* None */) { overlayDatabaseMode = modeEnv; @@ -106180,6 +106181,7 @@ async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, b `Setting overlay database mode to ${"none" /* None */} because overlay analysis previously failed with this combination of languages, disk space, and CodeQL version. Consider running CodeQL analysis on a larger runner.` ); overlayDatabaseMode = "none" /* None */; + skippedDueToCachedStatus = true; } else if (performResourceChecks && !await runnerSupportsOverlayAnalysis(diskUsage, ramInput, logger)) { overlayDatabaseMode = "none" /* None */; } else if (isAnalyzingPullRequest()) { @@ -106198,7 +106200,8 @@ async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, b } const nonOverlayAnalysis = { overlayDatabaseMode: "none" /* None */, - useOverlayDatabaseCaching: false + useOverlayDatabaseCaching: false, + skippedDueToCachedStatus }; if (overlayDatabaseMode === "none" /* None */) { return nonOverlayAnalysis; @@ -106243,7 +106246,8 @@ async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, b } return { overlayDatabaseMode, - useOverlayDatabaseCaching + useOverlayDatabaseCaching, + skippedDueToCachedStatus }; } function dbLocationOrDefault(dbLocation, tempDir) { 
@@ -106332,7 +106336,11 @@ async function initConfig(features, inputs) { } else { logger.debug(`Skipping check for generated files.`); } - const { overlayDatabaseMode, useOverlayDatabaseCaching } = await getOverlayDatabaseMode( + const { + overlayDatabaseMode, + useOverlayDatabaseCaching, + skippedDueToCachedStatus: overlaySkippedDueToCachedStatus + } = await getOverlayDatabaseMode( inputs.codeql, inputs.features, config.languages, @@ -106348,6 +106356,29 @@ async function initConfig(features, inputs) { ); config.overlayDatabaseMode = overlayDatabaseMode; config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; + if (overlaySkippedDueToCachedStatus) { + addNoLanguageDiagnostic( + config, + makeDiagnostic( + "codeql-action/overlay-skipped-due-to-cached-status", + "Overlay analysis skipped due to cached status", + { + attributes: { + languages: config.languages + }, + markdownMessage: `Overlay analysis was skipped because it failed previously on this runner. Running CodeQL analysis on a larger runner may allow overlay analysis to run successfully. + +Overlay analysis will be automatically retried when the next version of CodeQL is released. You can also manually trigger a retry by [removing](${"https://docs.github.com/en/actions/how-tos/manage-workflow-runs/manage-caches#deleting-cache-entries" /* DELETE_ACTIONS_CACHE_ENTRIES */}) \`codeql-overlay-status-*\` entries from the Actions cache.`, + severity: "note", + visibility: { + cliSummaryTable: true, + statusPage: true, + telemetry: true + } + } + ) + ); + } if (overlayDatabaseMode === "overlay" /* Overlay */ || await shouldPerformDiffInformedAnalysis( inputs.codeql, inputs.features, diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 7b6c3456a..05cf4487d 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js 
@@ -110058,7 +110058,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) { } async function addFingerprints(sarif, sourceRoot, logger) { logger.info( - `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` + `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` ); const callbacksByFile = {}; for (const run of sarif.runs || []) { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 3b4fc6d7d..c2e3e500c 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -110609,7 +110609,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) { } async function addFingerprints(sarif, sourceRoot, logger) { logger.info( - `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` + `Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.` ); const callbacksByFile = {}; for (const run2 of sarif.runs || []) { diff --git a/src/config-utils.test.ts b/src/config-utils.test.ts index d2e700bce..6679ca412 100644 --- a/src/config-utils.test.ts +++ b/src/config-utils.test.ts 
@@ -1015,6 +1015,7 @@ const getOverlayDatabaseModeMacro = test.macro({ expected: { overlayDatabaseMode: OverlayDatabaseMode; useOverlayDatabaseCaching: boolean; + skippedDueToCachedStatus?: boolean; }, ) => { return await withTmpDir(async (tempDir) => { @@ -1085,7 +1086,10 @@ const getOverlayDatabaseModeMacro = test.macro({ logger, ); - t.deepEqual(result, expected); + t.deepEqual(result, { + skippedDueToCachedStatus: false, + ...expected, + }); } finally { // Restore the original environment process.env = originalEnv; @@ -1318,6 +1322,7 @@ test( { overlayDatabaseMode: OverlayDatabaseMode.None, useOverlayDatabaseCaching: false, + skippedDueToCachedStatus: true, }, ); @@ -1337,6 +1342,7 @@ test( { overlayDatabaseMode: OverlayDatabaseMode.None, useOverlayDatabaseCaching: false, + skippedDueToCachedStatus: true, }, ); diff --git a/src/config-utils.ts b/src/config-utils.ts index 723490f8f..b9e9af3ed 100644 --- a/src/config-utils.ts +++ b/src/config-utils.ts @@ -27,9 +27,11 @@ import { } from "./config/db-config"; import { addNoLanguageDiagnostic, + makeDiagnostic, makeTelemetryDiagnostic, } from "./diagnostics"; import { shouldPerformDiffInformedAnalysis } from "./diff-informed-analysis-utils"; +import { DocUrl } from "./doc-url"; import { EnvVar } from "./environment"; import * as errorMessages from "./error-messages"; import { Feature, FeatureEnablement } from "./feature-flags"; @@ -739,9 +741,11 @@ export async function getOverlayDatabaseMode( ): Promise<{ overlayDatabaseMode: OverlayDatabaseMode; useOverlayDatabaseCaching: boolean; + skippedDueToCachedStatus: boolean; }> { let overlayDatabaseMode = OverlayDatabaseMode.None; let useOverlayDatabaseCaching = false; + let skippedDueToCachedStatus = false; const modeEnv = process.env.CODEQL_OVERLAY_DATABASE_MODE; // Any unrecognized CODEQL_OVERLAY_DATABASE_MODE value will be ignored and 
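Review bot: The updated tests in src/config-utils.test.ts pin only the return value of getOverlayDatabaseMode; nothing in the visible test hunks asserts that initConfig adds the `codeql-action/overlay-skipped-due-to-cached-status` diagnostic when the flag is true, or leaves it out when the flag is false. A case that drives initConfig with a cached failure status and checks the diagnostic id and `severity: "note"` would cover the user-facing half of this change. In the `@@ -1085` hunk the `{ skippedDueToCachedStatus: false, ...expected }` default also deserves a one-line comment such as `// Cases that omit skippedDueToCachedStatus expect false.`, because the macro's `expected` type now marks the field optional. The macro body starts and ends outside these hunks.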
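Review bot: The new `skippedDueToCachedStatus` field in the return type of getOverlayDatabaseMode (the `@@ -739` hunk in src/config-utils.ts) has no doc comment, and its relationship to `overlayDatabaseMode` is not obvious to a caller. From the visible hunks the flag is set to true only in the branch that also forces `OverlayDatabaseMode.None`, so the final return in the `@@ -870` hunk appears to always carry false. I would add above the field `/** True only when overlay analysis was disabled because a cached failure status was found; implies overlayDatabaseMode is None. */`. The function body continues outside the hunk, so confirm that no later path re-enables overlay after the flag is set.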
@@ -781,6 +785,7 @@ export async function getOverlayDatabaseMode( "Consider running CodeQL analysis on a larger runner.", ); overlayDatabaseMode = OverlayDatabaseMode.None; + skippedDueToCachedStatus = true; } else if ( performResourceChecks && !(await runnerSupportsOverlayAnalysis(diskUsage, ramInput, logger)) @@ -806,6 +811,7 @@ export async function getOverlayDatabaseMode( const nonOverlayAnalysis = { overlayDatabaseMode: OverlayDatabaseMode.None, useOverlayDatabaseCaching: false, + skippedDueToCachedStatus, }; if (overlayDatabaseMode === OverlayDatabaseMode.None) { @@ -870,6 +876,7 @@ export async function getOverlayDatabaseMode( return { overlayDatabaseMode, useOverlayDatabaseCaching, + skippedDueToCachedStatus, }; } @@ -1013,18 +1020,21 @@ export async function initConfig( // and queries, which in turn depends on the user config and the augmentation // properties. So we need to calculate the overlay database mode after the // rest of the config has been populated. - const { overlayDatabaseMode, useOverlayDatabaseCaching } = - await getOverlayDatabaseMode( - inputs.codeql, - inputs.features, - config.languages, - inputs.sourceRoot, - config.buildMode, - inputs.ramInput, - config.computedConfig, - gitVersion, - logger, - ); + const { + overlayDatabaseMode, + useOverlayDatabaseCaching, + skippedDueToCachedStatus: overlaySkippedDueToCachedStatus, + } = await getOverlayDatabaseMode( + inputs.codeql, + inputs.features, + config.languages, + inputs.sourceRoot, + config.buildMode, + inputs.ramInput, + config.computedConfig, + gitVersion, + logger, + ); logger.info( `Using overlay database mode: ${overlayDatabaseMode} ` + `${useOverlayDatabaseCaching ? "with" : "without"} caching.`, 
@@ -1032,6 +1042,32 @@ export async function initConfig( config.overlayDatabaseMode = overlayDatabaseMode; config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; + if (overlaySkippedDueToCachedStatus) { + addNoLanguageDiagnostic( + config, + makeDiagnostic( + "codeql-action/overlay-skipped-due-to-cached-status", + "Overlay analysis skipped due to cached status", + { + attributes: { + languages: config.languages, + }, + markdownMessage: + `Overlay analysis was skipped because it failed previously on this runner. ` + + "Running CodeQL analysis on a larger runner may allow overlay analysis to run successfully.\n\n" + + "Overlay analysis will be automatically retried when the next version of CodeQL is released. " + + `You can also manually trigger a retry by [removing](${DocUrl.DELETE_ACTIONS_CACHE_ENTRIES}) \`codeql-overlay-status-*\` entries from the Actions cache.`, + severity: "note", + visibility: { + cliSummaryTable: true, + statusPage: true, + telemetry: true, + }, + }, + ), + ); + } + if ( overlayDatabaseMode === OverlayDatabaseMode.Overlay || (await shouldPerformDiffInformedAnalysis( diff --git a/src/doc-url.ts b/src/doc-url.ts index 2c69ab49c..b888d3737 100644 --- a/src/doc-url.ts +++ b/src/doc-url.ts 
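Review bot: The first sentence of `markdownMessage` says overlay analysis "failed previously on this runner", but the log message in the `@@ -781` hunk attributes the cached status to the "combination of languages, disk space, and CodeQL version", and the same diagnostic tells users to remove `codeql-overlay-status-*` entries from the Actions cache rather than anything stored on a runner. Where runners are recreated per job the current wording is likely to read as wrong and send users looking in the wrong place. I would write the first segment as `"Overlay analysis was skipped because it previously failed with this combination of languages, disk space, and CodeQL version. " +`, which also drops a template literal that has no interpolation. The generated copy in lib/init-action.js carries the same string and would need rebuilding; initConfig starts and ends outside the hunk.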
@@ -7,8 +7,9 @@ export enum DocUrl {
 AUTOMATIC_BUILD_FAILED = "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed",
 CODEQL_BUILD_MODES = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes",
 DEFINE_ENV_VARIABLES = "https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow",
+ DELETE_ACTIONS_CACHE_ENTRIES = "https://docs.github.com/en/actions/how-tos/manage-workflow-runs/manage-caches#deleting-cache-entries",
 SCANNING_ON_PUSH = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#scanning-on-push",
 SPECIFY_BUILD_STEPS_MANUALLY = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#about-specifying-build-steps-manually",
 SYSTEM_REQUIREMENTS = "https://codeql.github.com/docs/codeql-overview/system-requirements/",
- TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS = "https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs",
+ TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS = "https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts",
 }