Add option `tools: linked` for `tools` input of init action.

Open NlightNFotis opened this issue 9 months ago • 5 comments

Description

The init action supports an input `tools`, which can get a range of values, including a special value `latest` that is supposed to force the use of the bundled version of CodeQL for the action.

The use of the word `latest`, however, might hint to users that this is really fetching the newest version of CodeQL, rather than the one associated with the action when it was released.

This PR is adding an option `tools: linked` that is functionally equivalent to `tools: latest`, but is supposed to guide user expectations as to the version that's actually used.

Review Guidance

  • The basic mechanism that supports the new input option has been added in 80f8aff61df9b64baf81eb92e5feee41836749ca, in the file `src/setup-codeql.ts`.
  • Tests for the new option, and the old option working in an equivalent manner have been added in 80f8aff61df9b64baf81eb92e5feee41836749ca, in the file `src/setup-codeql.test.ts`.
  • Tests for the logging of the version being present in the logs generated by the program have been added in 3a2da5f6fbc083d59fe140fd758936c132c2811d.

Still outstanding

  • [x] Will need to check whether readme or changelog need to be edited.
  • [x] Will need to add documentation for the new option, but I want to do this as a different PR associated with https://github.com/github/codeql-action/issues/1327
  • [x] Need to document some information transfer from Henry that unblocked me while trying to write a stub using Sinon.
    • Added https://github.com/github/codeql-core/pull/4293

Merge / deployment checklist

  • [x] Confirm this change is backwards compatible with existing workflows.
  • [x] Confirm the readme has been updated if necessary.
  • [x] Confirm the changelog has been updated if necessary.

NlightNFotis avatar May 09 '24 13:05 NlightNFotis

Once this is done, we will also need to update the documentation in docs-internal. Though, I took a quick look and I can't find any reference to the `tools` input. Is this even documented there? The init action file contains a link to some documentation, but that page doesn't mention `tools` anywhere.

https://github.com/github/codeql-action/blob/main/init/action.yml#L17

For now, maybe we just need to update this input description with the new change and remove the link.

Then later, we should update the docs-internal with a full description of tools.

aeisenberg avatar May 09 '24 19:05 aeisenberg

> Very nice! Could you update the docs for `tools` in `init/action.yml` too?

Yes, this is my plan before the end of the ticket as a whole. I was originally thinking of doing this as part of a separate PR that's designed to specifically address the issue in https://github.com/github/codeql-action/issues/1327.

Will raise this soon - unless there's a preference to address this in this PR? I was thinking that a separate PR will be cleaner, and can afford being more focused on drafting a good general documentation for tools, without being subjected to the review cycle/scope of this PR. Any thoughts?

NlightNFotis avatar May 10 '24 13:05 NlightNFotis

It's not currently documented, so I'm happy with a separate PR if you prefer!

henrymercer avatar May 10 '24 14:05 henrymercer

Apologies, I had to force push a rebase because of some issues with the CHANGELOG. What has changed in 5a08657:

  • I moved the logging to the downstream function `getCodeQLSource`, with more specialised log messages at each return point.
  • Added a deprecation notice for the `tools: latest` input.
  • Added tests for the logging remaining valid for more code paths of the `getCodeQLSource` when called with different `toolsInput` arguments from `setupCodeQLBundle` function.

NlightNFotis avatar May 10 '24 15:05 NlightNFotis

Hi @henrymercer, this is now ready for another round of reviews.

NlightNFotis avatar May 13 '24 13:05 NlightNFotis
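
An added example, not part of this PR or of codeql-action's own code: a small TypeScript scan that flags `github/codeql-action/init` steps still passing `tools: latest`, so they can be moved to the equivalent `tools: linked` described in the thread. The function names, the sample workflow and its version tags are constructed for illustration, and the line-based scan assumes a conventional workflow layout rather than doing full YAML parsing.

```typescript
// Added example: find codeql-action init steps that still pass `tools: latest`.
type Finding = { line: number; uses: string }; // 1-based line of `tools:`, step's action ref
const INIT_ACTION = /^github\/codeql-action\/init@/;

// Drop a trailing YAML comment and surrounding quotes from a scalar value.
function scalar(raw: string): string {
  return raw.replace(/\s+#.*$/, "").trim().replace(/^(["'])(.*)\1$/, "$2");
}

function findToolsLatest(workflow: string): Finding[] {
  const findings: Finding[] = [];
  let uses = "";
  let toolsLine = 0;
  const flush = (): void => {
    if (INIT_ACTION.test(uses) && toolsLine > 0) findings.push({ line: toolsLine, uses });
    uses = "";
    toolsLine = 0;
  };
  workflow.split(/\r?\n/).forEach((text, index) => {
    if (/^\s*#/.test(text)) return; // whole-line comment
    if (/^\s*-\s/.test(text)) flush(); // assumption: each list item is one step
    const m = /^\s*(?:-\s+)?([A-Za-z_-]+):\s*(.*)$/.exec(text);
    if (m === null) return;
    const key = m[1] ?? "";
    const value = scalar(m[2] ?? "");
    if (key === "uses") uses = value; // keys may appear in any order within a step
    if (key === "tools" && value === "latest") toolsLine = index + 1;
  });
  flush();
  return findings;
}

// Constructed sample workflow, not taken from any real repository.
const SAMPLE_WORKFLOW = `
jobs:
  analyze:
    steps:
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          tools: latest
      - uses: github/codeql-action/init@v3
        with:
          tools: linked
`;

findToolsLatest(SAMPLE_WORKFLOW).forEach((f) => {
  console.log(`line ${f.line}: ${f.uses} passes tools: latest; use tools: linked`);
});
```

Steps that pass a list value inside `with:` would be split early by the list-item heuristic; a full YAML parser removes that limitation.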