search

github / codeql-cli-binaries

Binaries for the CodeQL CLI
Other
743 stars 109 forks source link

Cannot access CodeQL environment variables in `database create --command` #2

Open max-schaefer opened 4 years ago

max-schaefer commented 4 years ago

I would like to explicitly invoke the JavaScript autobuilder as part of codeql database create, with the ultimate goal of passing it some custom options. However, even invoking it without any options isn't as easy as I would have hoped, since I cannot figure out how to access CodeQL environment variables to specify the path to the autobuilder.

My first attempt of

codeql database create -l javascript --command '${CODEQL_EXTRACTOR_JAVASCRIPT_ROOT}/tools/autobuild.sh /path/to/database

was met with

A fatal error occurred: Failed to expand '${CODEQL_EXTRACTOR_JAVASCRIPT_ROOT}/tools/autobuild.sh' as an argument list.
(eventual cause: UserError "Attempting to expand unknown variable: CODEQL_EXTRACTOR_JAVASCRIPT_ROOT, available variables are: []")

@lcartey suggested adding env. like so:

codeql database create -l javascript --command '${env.CODEQL_EXTRACTOR_JAVASCRIPT_ROOT}/tools/autobuild.sh' /path/to/database

but that resulted in

A fatal error occurred: Failed to expand '${env.CODEQL_EXTRACTOR_JAVASCRIPT_ROOT}/tools/autobuild.sh' as an argument list.
(eventual cause: UserError "Attempting to expand unknown variable: env.CODEQL_EXTRACTOR_JAVASCRIPT_ROOT, ava...")

I am pretty sure this is the right environment variable name, cf. here.

Specifying the full path to the autobuild script is, of course, possible, but annoying.

hmakholm commented 4 years ago

The expansion that fails seems to be the one that happens in line 90 of CreateCommand.java. It is part of codeql database create, whereas the specific environment variables are only being created inside the codeql database trace-command that create subsequently invokes.

It is not clear to me why database create wants to expand variables at that point at all -- I suspect it is for the side effect of splitting the command into words. (Arguably that would be better left to the shell, keeping each command as a single string the entire way through and passing it to sh -c when we're ready to launch it).

sam-cha-tfs commented 1 year ago

Has this been resolved? I am having the same issue.

adityasharad commented 1 year ago

@sam-cha-tfs could you share exactly what you are trying to do? If you are just trying to invoke the CodeQL autobuilder for JS, codeql database create --language javascript (without a --command) should be enough; if you're trying something more advanced we'll need more information to guide you.

sam-cha-tfs commented 1 year ago

I will probably open a new ticket. It's a different error but similar. Basically I am trying to use env variables set in a jenkins file to pass in to the--command and I was met with the following:

(eventual cause: UserError "Attempting to expand unknown variable: build_config, available variables are: []")