
feat(codeql): new codeql db parameter (#3902)

This commit is contained in:
sumeet patil 2022-07-20 10:07:57 +02:00 committed by GitHub
parent 604764998f
commit 818be9d428
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 3 deletions


@ -171,7 +171,7 @@ func uploadResults(config *codeqlExecuteScanOptions, utils codeqlExecuteScanUtil
func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telemetry.CustomData, utils codeqlExecuteScanUtils) error {
var reports []piperutils.Path
cmd := []string{"database", "create", "db", "--overwrite", "--source-root", config.ModulePath}
cmd := []string{"database", "create", config.Database, "--overwrite", "--source-root", config.ModulePath}
language := getLangFromBuildTool(config.BuildTool)
@ -202,7 +202,7 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
os.MkdirAll(fmt.Sprintf("%vtarget", config.ModulePath), os.ModePerm)
cmd = nil
cmd = append(cmd, "database", "analyze", "--format=sarif-latest", fmt.Sprintf("--output=%vtarget/codeqlReport.sarif", config.ModulePath), "db")
cmd = append(cmd, "database", "analyze", "--format=sarif-latest", fmt.Sprintf("--output=%vtarget/codeqlReport.sarif", config.ModulePath), config.Database)
cmd = codeqlQuery(cmd, config.QuerySuite)
err = execute(utils, cmd, GeneralConfig.Verbose)
if err != nil {
@ -213,7 +213,7 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
reports = append(reports, piperutils.Path{Target: fmt.Sprintf("%vtarget/codeqlReport.sarif", config.ModulePath)})
cmd = nil
cmd = append(cmd, "database", "analyze", "--format=csv", fmt.Sprintf("--output=%vtarget/codeqlReport.csv", config.ModulePath), "db")
cmd = append(cmd, "database", "analyze", "--format=csv", fmt.Sprintf("--output=%vtarget/codeqlReport.csv", config.ModulePath), config.Database)
cmd = codeqlQuery(cmd, config.QuerySuite)
err = execute(utils, cmd, GeneralConfig.Verbose)
if err != nil {
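Review bot: config.Database at the `database create` call is combined with `--overwrite`, so an existing directory at the configured path is replaced rather than refused, which contradicts the help text "This directory will be created, and must not already exist." that this same commit adds for the parameter in the flag definition and in the YAML metadata. Because the value is pipeline-configurable and used as a filesystem path, the description should state the actual behaviour, e.g. `Path to the CodeQL database to create. An existing directory at this path is overwritten.`, or `--overwrite` should be dropped so the code matches the text. An empty value is not rejected here and would be forwarded as an empty positional argument to codeql; a guard such as `if config.Database == "" { return fmt.Errorf("database path must not be empty") }` before cmd is built would give a clearer failure than whatever codeql reports. runCodeqlExecuteScan's body continues beyond the hunk.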


@ -25,6 +25,7 @@ type codeqlExecuteScanOptions struct {
BuildCommand string `json:"buildCommand,omitempty"`
Language string `json:"language,omitempty"`
ModulePath string `json:"modulePath,omitempty"`
Database string `json:"database,omitempty"`
QuerySuite string `json:"querySuite,omitempty"`
UploadResults bool `json:"uploadResults,omitempty"`
AnalyzedRef string `json:"analyzedRef,omitempty"`
@ -173,6 +174,7 @@ func addCodeqlExecuteScanFlags(cmd *cobra.Command, stepConfig *codeqlExecuteScan
cmd.Flags().StringVar(&stepConfig.BuildCommand, "buildCommand", os.Getenv("PIPER_buildCommand"), "Command to build the project")
cmd.Flags().StringVar(&stepConfig.Language, "language", os.Getenv("PIPER_language"), "The programming language used to analyze.")
cmd.Flags().StringVar(&stepConfig.ModulePath, "modulePath", `./`, "Allows providing the path for the module to scan")
cmd.Flags().StringVar(&stepConfig.Database, "database", `codeqlDB`, "Path to the CodeQL database to create. This directory will be created, and must not already exist.")
cmd.Flags().StringVar(&stepConfig.QuerySuite, "querySuite", os.Getenv("PIPER_querySuite"), "The name of a CodeQL query suite. If omitted, the default query suite for the language of the database being analyzed will be used.")
cmd.Flags().BoolVar(&stepConfig.UploadResults, "uploadResults", false, "Allows you to upload codeql SARIF results to your github project. You will need to set githubToken for this.")
cmd.Flags().StringVar(&stepConfig.AnalyzedRef, "analyzedRef", os.Getenv("PIPER_analyzedRef"), "Name of the ref that was analyzed.")
@ -252,6 +254,15 @@ func codeqlExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
Default: `./`,
},
{
Name: "database",
ResourceRef: []config.ResourceReference{},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Default: `codeqlDB`,
},
{
Name: "querySuite",
ResourceRef: []config.ResourceReference{},


@ -74,6 +74,14 @@ spec:
- STAGES
- STEPS
default: "./"
- name: database
type: string
description: "Path to the CodeQL database to create. This directory will be created, and must not already exist."
scope:
- PARAMETERS
- STAGES
- STEPS
default: "codeqlDB"
- name: querySuite
type: string
description: "The name of a CodeQL query suite. If omitted, the default query suite for the language of the database being analyzed will be used."