Skip to content

Support requesting latest nightly with tools: nightly #3130

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
henrymercer merged 11 commits into from
Sep 22, 2025
Merged

Support requesting latest nightly with tools: nightly #3130

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
0f4529e
Enable requesting latest nightly with "tools: nightly"
henrymercer Sep 22, 2025
9e8cbee
Process nightly CI runs using `tools: nightly`
henrymercer Sep 22, 2025
67427c6
Update prepare-test docs
henrymercer Sep 22, 2025
39be66a
Add log message
henrymercer Sep 22, 2025
48017e9
Add changelog note
henrymercer Sep 22, 2025
a25c57c
Wrap API call to provide better error message
henrymercer Sep 22, 2025
79e0afb
Run local CodeQL check using linked bundle
henrymercer Sep 22, 2025
bd51630
Specify bundle URL in local bundle PR check
henrymercer Sep 22, 2025
e2e36b1
Add helper function for reserved tools values
henrymercer Sep 22, 2025
4901f54
Lint
henrymercer Sep 22, 2025
5ab5aef
Document `nightly` tools input in `action.yml`
henrymercer Sep 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 26 additions & 1 deletion lib/analyze-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 26 additions & 1 deletion lib/init-action-post.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 26 additions & 1 deletion lib/init-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 26 additions & 1 deletion lib/upload-lib.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 26 additions & 1 deletion lib/upload-sarif-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

43 changes: 43 additions & 0 deletions src/setup-codeql.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,11 @@ export enum ToolsSource {
}

export const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
const CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";

const CODEQL_BUNDLE_VERSION_ALIAS: string[] = ["linked", "latest"];
const CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
Comment thread
henrymercer marked this conversation as resolved.

function getCodeQLBundleExtension(
compressionMethod: tar.CompressionMethod,
Expand Down Expand Up @@ -277,6 +280,7 @@ export async function getCodeQLSource(
if (
toolsInput &&
!CODEQL_BUNDLE_VERSION_ALIAS.includes(toolsInput) &&
!CODEQL_NIGHTLY_TOOLS_INPUTS.includes(toolsInput) &&
!toolsInput.startsWith("http")
) {
logger.info(`Using CodeQL CLI from local path ${toolsInput}`);
Comment thread
mbg marked this conversation as resolved.
Expand Down Expand Up @@ -331,6 +335,13 @@ export async function getCodeQLSource(
*/
let url: string | undefined;

if (
toolsInput !== undefined &&
CODEQL_NIGHTLY_TOOLS_INPUTS.includes(toolsInput)
) {
toolsInput = await getNightlyToolsUrl(logger);
}

if (forceShippedTools) {
cliVersion = defaults.cliVersion;
tagName = defaults.bundleVersion;
Expand Down Expand Up @@ -771,3 +782,35 @@ async function useZstdBundle(
function getTempExtractionDir(tempDir: string) {
return path.join(tempDir, uuidV4());
}

/**
* Get the URL of the latest nightly CodeQL bundle.
*/
async function getNightlyToolsUrl(logger: Logger) {
const zstdAvailability = await tar.isZstdAvailable(logger);
// The nightly is guaranteed to have a zstd bundle
const compressionMethod = (await useZstdBundle(
CODEQL_VERSION_ZSTD_BUNDLE,
zstdAvailability.available,
))
? "zstd"
: "gzip";

// Since nightlies are prereleases, we can't just download the latest release
// on the repository. So instead we need to find the latest pre-release
// version and construct the download URL from that.
const release = await api.getApiClient().rest.repos.listReleases({
owner: CODEQL_NIGHTLIES_REPOSITORY_OWNER,
repo: CODEQL_NIGHTLIES_REPOSITORY_NAME,
per_page: 1,
page: 1,
prerelease: true,
});
Comment thread
henrymercer marked this conversation as resolved.
Outdated

const latestRelease = release.data[0];
if (!latestRelease) {
throw new Error("Could not find latest nightly release.");
Comment thread
henrymercer marked this conversation as resolved.
Outdated
}

return `https://github.com/${CODEQL_NIGHTLIES_REPOSITORY_OWNER}/${CODEQL_NIGHTLIES_REPOSITORY_NAME}/releases/download/${latestRelease.tag_name}/${getCodeQLBundleName(compressionMethod)}`;
Copy link
Copy Markdown
Member

@mbg mbg Sep 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make sense to look through the release artifacts and search for the one we want, like we do for update-job-proxy?

Copy link
Copy Markdown
Contributor Author

@henrymercer henrymercer Sep 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could do but using the http URL is closer to how users would specify a bundle with the tools input. Things might be less optimal if we used URLs returned by the API since we perform a few optimizations by inspecting the URL structure.

}