-
Notifications
You must be signed in to change notification settings - Fork 333
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Swift for private beta #1350
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! Could we check that language autodetection works for Swift too by adding a some more assertions to the pr-checks/checks/multi-language-autodetect.yml
test?
I actually made a separate Swift PR check because I saw that we deliberately made a separate Ruby check from the multilanguage test when Ruby was being rolled out for beta (https://github.com/github/codeql-action/pull/685/files). Do you think we should just combine them all into 1 check now, even though Swift is going to be in beta? To clarify though, I believe the autodetection itself is being tested with the Ruby check, and the Swift check I added. They're both finding the Ruby/Swift code in the |
The separate PR check makes sense, as we can validate that Swift isn't enabled when the experimental environment variable isn't set, because the autodetect languages test doesn't build a Swift DB. I think the thing that's missing from both Ruby and Swift is a test that the autodetection mechanism works, i.e. if you don't pass a |
Ah, makes sense! I made the following changes:
|
Autobuild and custom build PR checks now work 😄 Waiting on CLI side autodetection of Swift, and then hopefully that PR check will pass and this PR will be ready for review. EDIT: We have a |
What is "CLI side autodetection of Swift"? |
Also, the failing job' log contains the following (modified by hand for readability):
note the absence of Swift in the list of languages. |
Language autodetection is about figuring out what languages to analyze when users don't provide a # Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java We are in the process of migrating some functionality from the CodeQL Action to the CLI, including language autodetection. As a result, the functionality is different between the CodeQL Action and the CLI. Language autodetection for Swift for instance works in the CodeQL Action but not the CLI. My current thoughts about this is that Swift language autodetection not working in the CLI should not block merging this PR — we should disable it with |
Looking at the other failing jobs, "PR Check - Swift analysis using a custom build command" is hanging on macOS due to the .NET certificate prompt. We need to add |
Looks like we're not autodetecting Swift in the Action either — I think this is because the language auto-detection uses the languages on |
This PR should be ready to merge but is blocked on #1357 being merged first. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nice, thanks for your diligence with the PR checks! I think we just need to merge in main
to get the checked-in dependencies check passing.
This PR:
experimental
folder)CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT
environment variable set; it looks like all other mechanisms are already in place (ie. Swift is already in the list of traced languages) so am testing that. I noticed it was missing in the linguist to language prefixes map so added it there. Note that custom builds are supported on ubuntu and MacOS but autobuild is only supported on MacOS for the time being.Adding Swift to the languages.test.ts file will have been done in #1322 so I didn't add it to this PR to prevent the would-be merge conflict from refactoring the test.
As a follow-up, we should add a PR check to test that Swift can be auto-detected once the corresponding CLI change makes it to a release.
Merge / deployment checklist