Add support for default code scanning config

rvermeulen · web-flow · commit 49ec7986f1ad · 2023-07-25T14:03:43.000-07:00
diff --git a/codeql_bundle/cli.py b/codeql_bundle/cli.py
@@ -11,7 +11,7 @@
 from pathlib import Path
 from codeql_bundle.helpers.codeql import CodeQLException
 from codeql_bundle.helpers.bundle import CustomBundle, BundleException, BundlePlatform
-from typing import List
+from typing import List, Optional
 import sys
 import logging
 
@@ -50,13 +50,15 @@
     default="WARNING",
 )
 @click.option("-p", "--platform", multiple=True, type=click.Choice(["linux64", "osx64", "win64"], case_sensitive=False), help="Target platform for the bundle")
+@click.option("-c", "--code-scanning-config", type=click.Path(exists=True, path_type=Path), help="Path to a Code Scanning configuration file that will be the default for the bundle")
 @click.argument("packs", nargs=-1, required=True)
 def main(
     bundle_path: Path,
     output: Path,
     workspace: Path,
     loglevel: str,
     platform: List[str],
+    code_scanning_config: Optional[Path],
     packs: List[str],
 ) -> None:
 
@@ -119,6 +121,9 @@ def main(
             f"Adding the pack(s) {','.join(map(lambda p: p.config.name, selected_packs))} and its workspace dependencies to the custom bundle."
         )
         bundle.add_packs(*selected_packs)
+        if code_scanning_config:
+            logger.info(f"Adding the Code Scanning configuration file {code_scanning_config} to the custom bundle.")
+            bundle.add_code_scanning_config(code_scanning_config)
         logger.info(f"Bundling custom bundle(s) at {output}")
         platforms = set(map(BundlePlatform.from_string, platform))
         bundle.bundle(output, platforms)
diff --git a/codeql_bundle/helpers/bundle.py b/codeql_bundle/helpers/bundle.py
@@ -296,7 +296,7 @@ def add_to_graph(pack: ResolvedCodeQLPack, processed_packs: set[ResolvedCodeQLPa
                             logger.debug(f"Adding stdlib dependency {std_lib_dep.config.name}@{str(std_lib_dep.config.version)} to {pack.config.name}@{str(pack.config.version)}")
                             pack.dependencies.append(std_lib_dep)
                 logger.debug(f"Adding pack {pack.config.name}@{str(pack.config.version)} to dependency graph")
-                pack_sorter.add(pack)
+                pack_sorter.add(pack, *pack.dependencies)
                 for dep in pack.dependencies:
                     if dep not in processed_packs:
                         add_to_graph(dep, processed_packs, std_lib_deps)
@@ -537,7 +537,9 @@ def bundle_query_pack(pack: ResolvedCodeQLPack):
                     self.bundle_path / "qlpacks",
                 )
 
-        for pack in pack_sorter.static_order():
+        sorted_packs = list(pack_sorter.static_order())
+        logger.debug(f"Sorted packs: {' -> '.join(map(lambda p: p.config.name, sorted_packs))}")
+        for pack in sorted_packs:
             if pack.kind == CodeQLPackKind.CUSTOMIZATION_PACK:
                 bundle_customization_pack(pack)
             elif pack.kind == CodeQLPackKind.LIBRARY_PACK:
@@ -548,7 +550,14 @@ def bundle_query_pack(pack: ResolvedCodeQLPack):
             elif pack.kind == CodeQLPackKind.QUERY_PACK:
                 bundle_query_pack(pack)
 
-    def bundle(self, output_path: Path, platforms: set[BundlePlatform] = set()):
+    def add_code_scanning_config(self, default_config: Path):
+        if not default_config.exists():
+            raise BundleException(f"Default config {default_config} does not exist.")
+        if not default_config.is_file():
+            raise BundleException(f"Default config {default_config} is not a file.")
+        shutil.copy(default_config, self.bundle_path / "default-codeql-config.yml")
+
+    def bundle(self, output_path: Path, platforms: set[BundlePlatform] = set(), default_config : Optional[Path] = None):
         if len(platforms) == 0:
             if output_path.is_dir():
                 output_path = output_path / "codeql-bundle.tar.gz"
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "codeql-bundle"
-version = "0.1.8"
+version = "0.1.9"
 description = "Tool to create custom CodeQL bundles"
 authors = ["Remco Vermeulen <rvermeulen@users.noreply.github.com>"]
 readme = "README.md"
diff --git a/tests/workspace/cpp/aa/qlpack.yml b/tests/workspace/cpp/aa/qlpack.yml
@@ -4,4 +4,4 @@ warnOnImplicitThis: false
 name: test/aa
 version: 0.0.1
 dependencies:
-  "codeql/cpp-all": "0.7.4"
+  "codeql/cpp-all": "^0.8.0"
diff --git a/tests/workspace/cpp/foo-customizations/qlpack.yml b/tests/workspace/cpp/foo-customizations/qlpack.yml
@@ -2,4 +2,4 @@ library: True
 name: foo/cpp-customizations
 version: 0.0.1
 dependencies:
-  "codeql/cpp-all": "0.7.4"
+  "codeql/cpp-all": "^0.8.0"
