feat: Add support for multiple extractors

Author: GeekMasher

action.yml

@@ -9,14 +9,16 @@ branding:
 inputs:
   token:
     description: GitHub Token
-  extractor:
-    description: GitHub Repository where the extractor is located
+  extractors:
+    description: GitHub Repository where the extractor(s) is located
     required: true
-  language:
+  languages:
     description: Language(s) to use
     required: true
   packs:
-    description: Query Packs to use
+    description: Query Pack(s) to use
+  allow-empty-database:
+    description: Allow empty database
   codeql-version:
     description: CodeQL Version
     default: latest
@@ -26,6 +28,8 @@ inputs:
     description: Attestation
     default: 'false'
 outputs:
+  sarif_results:
+    description: SARIF Results Directory
   version:
     description: Version of the extractor to use
   extractor_path:

src/action.rs

@@ -6,6 +6,14 @@ use ghactions::prelude::*;
 use ghactions_core::repository::reference::RepositoryReference as Repository;
 use ghastoolkit::{CodeQL, codeql::CodeQLLanguage};
 
+pub const BANNER: &str = r#"   ___          _        ____  __    __      _     _        _   
+  / __\___   __| | ___  /___ \/ /   /__\_  _| |_  /_\   ___| |_ 
+ / /  / _ \ / _` |/ _ \//  / / /   /_\ \ \/ / __|//_\\ / __| __|
+/ /__| (_) | (_| |  __/ \_/ / /___//__  >  <| |_/  _  \ (__| |_ 
+\____/\___/ \__,_|\___\___,_\____/\__/ /_/\_\\__\_/ \_/\___|\__|"#;
+pub const VERSION: &str = env!("CARGO_PKG_VERSION");
+pub const AUTHORS: &str = env!("CARGO_PKG_AUTHORS");
+
 /// This action is for 3rd party CodeQL extractors to be used in GitHub Actions
 #[derive(Actions, Debug, Clone, Default)]
 #[action(
@@ -29,19 +37,29 @@ pub struct Action {
 
     /// GitHub Repository where the extractor is located
     #[input(
-        description = "GitHub Repository where the extractor is located",
+        description = "GitHub Repository where the extractor(s) is located",
+        split = ",",
         required = true
     )]
-    extractor: String,
+    extractors: Vec<String>,
 
     /// Language(d) to use
     #[input(description = "Language(s) to use", split = ",", required = true)]
-    language: Vec<String>,
+    languages: Vec<String>,
 
     /// Queries packs to use
-    #[input(description = "Query Packs to use", split = ",")]
+    #[input(description = "Query Pack(s) to use", split = ",")]
     packs: Vec<String>,
 
+    /// Allow empty database. This allows for an extractor to error out if no database was
+    /// created dur to no source code being found for that language.
+    #[input(
+        description = "Allow empty database",
+        default = false,
+        rename = "allow-empty-database"
+    )]
+    allow_empty_database: bool,
+
     /// CodeQL Version
     #[input(
         description = "CodeQL Version",
@@ -62,6 +80,10 @@ pub struct Action {
     #[input(description = "Attestation", default = "false")]
     attestation: bool,
 
+    /// SARIF Results Directory
+    #[output(description = "SARIF Results Directory", rename = "sarif-results")]
+    sarif_results: String,
+
     /// Version of the extractor to use
     #[output(description = "Version of the extractor to use")]
     version: String,
@@ -78,31 +100,37 @@ impl Action {
             return std::env::current_dir().context("Failed to get current directory");
         }
         log::debug!("Using the provided working directory");
-        Ok(std::path::PathBuf::from(&self.working_directory)
+        std::path::PathBuf::from(&self.working_directory)
             .canonicalize()
             .context(format!(
                 "Failed to get working directory `{}`",
                 self.working_directory
-            ))?)
+            ))
     }
 
     /// Gets the repository to use for the extractor. If the repository is not provided,
     /// it will use the repository that the action is running in.
-    pub fn extractor_repository(&self) -> Result<Repository> {
-        let repo = if self.extractor.is_empty() {
+    pub fn extractor_repository(&self) -> Result<Vec<Repository>> {
+        if self.extractors.is_empty() {
             log::debug!("No extractor repository provided, using the current repository");
-            self.get_repository()?
-        } else {
-            log::debug!("Using the provided extractor repository");
-            self.extractor.clone()
-        };
-        log::info!("Extractor Repository :: {}", repo);
-
-        Ok(Repository::parse(&repo)?)
+            return Ok(vec![Repository::parse(&self.get_repository()?)?]);
+        }
+
+        log::debug!("Using the provided extractor repository");
+
+        Ok(self
+            .extractors
+            .iter()
+            .filter_map(|ext| {
+                Repository::parse(ext)
+                    .context(format!("Failed to parse extractor repository `{ext}`"))
+                    .ok()
+            })
+            .collect::<Vec<Repository>>())
     }
 
     pub fn languages(&self) -> Vec<CodeQLLanguage> {
-        self.language
+        self.languages
             .iter()
             .map(|lang| CodeQLLanguage::from(lang.as_str()))
             .collect()
@@ -111,10 +139,10 @@ impl Action {
     pub fn validate_languages(&self, codeql_languages: &Vec<CodeQLLanguage>) -> Result<()> {
         for lang in self.languages() {
             let mut supported = false;
-            log::debug!("Validating language `{}`", lang);
+            log::debug!("Validating language `{lang}`");
             for codeql_lang in codeql_languages {
                 if lang.language().to_lowercase() == codeql_lang.language().to_lowercase() {
-                    log::debug!("Language `{}` is supported", lang);
+                    log::debug!("Language `{lang}` is supported");
                     supported = true;
                     break;
                 }
@@ -144,19 +172,23 @@ impl Action {
     pub async fn install_packs(&self, codeql: &CodeQL) -> Result<()> {
         log::info!("Installing CodeQL Packs");
         for pack in &self.packs {
-            log::info!("Installing pack `{}`", pack);
+            log::info!("Installing pack `{pack}`");
 
             codeql
                 .run(vec!["pack", "download", pack])
                 .await
-                .context(format!("Failed to download pack `{}`", pack))?;
+                .context(format!("Failed to download pack `{pack}`"))?;
         }
         Ok(())
     }
 
     pub fn attestation(&self) -> bool {
         self.attestation
     }
+
+    pub fn allow_empty_database(&self) -> bool {
+        self.allow_empty_database
+    }
 }
 
 #[cfg(test)]
@@ -165,8 +197,8 @@ mod tests {
 
     fn action() -> Action {
         Action {
-            extractor: "owner/repo".to_string(),
-            language: vec!["iac".to_string()],
+            extractors: vec!["owner/repo".to_string()],
+            languages: vec!["iac".to_string()],
             ..Default::default()
         }
     }

src/extractors.rs

@@ -1,6 +1,6 @@
 use std::path::PathBuf;
 
-use anyhow::Result;
+use anyhow::{Context, Result};
 use ghactions_core::repository::reference::RepositoryReference as Repository;
 use octocrab::models::repos::{Asset, Release};
 
@@ -34,14 +34,16 @@ pub async fn fetch_extractor(
     attest: bool,
     output: &PathBuf,
 ) -> Result<PathBuf> {
-    let extractor_tarball = output.join("extractor.tar.gz");
-    let extractor_pack = output.join("extractor-pack");
-    let extractor_path = extractor_pack.join("codeql-extractor.yml");
+    let extractor_tarball = output.join(format!("{}.tar.gz", &repository.name));
+    log::debug!("Extractor Tarball :: {extractor_tarball:?}");
+    let extractor_pack = output.join(&repository.name);
+
+    log::info!("Extractor Path :: {extractor_pack:?}");
 
     let toolcache = ghactions::ToolCache::new();
 
     if !extractor_tarball.exists() {
-        log::info!("Downloading asset to {:?}", extractor_tarball);
+        log::info!("Downloading asset to {extractor_tarball:?}");
 
         let release = fetch_releases(client, repository).await?;
 
@@ -53,11 +55,15 @@ pub async fn fetch_extractor(
 
         let asset: Asset = client.get(release_asset.url.clone(), None::<&()>).await?;
 
-        toolcache.download_asset(&asset, &extractor_tarball).await?;
+        toolcache
+            .download_asset(&asset, &extractor_tarball)
+            .await
+            .context(format!("Extractor Archive: {extractor_tarball:?}"))
+            .context("Failed to download extractor")?;
     }
 
     if attest {
-        log::info!("Attesting asset {:?}", extractor_tarball);
+        log::info!("Attesting asset {extractor_tarball:?}");
 
         let output = tokio::process::Command::new("gh")
             .arg("attestation")
@@ -80,15 +86,31 @@ pub async fn fetch_extractor(
     }
 
     if !extractor_pack.exists() {
-        log::info!("Extracting asset to {:?}", extractor_path);
+        log::info!("Extracting asset to {extractor_pack:?}");
+
         toolcache
-            .extract_archive(&extractor_tarball, &output)
-            .await?;
+            .extract_archive(&extractor_tarball, &extractor_pack)
+            .await
+            .context(format!("Extractor Archive: {extractor_tarball:?}"))
+            .context("Failed to extract extractor")?;
+    }
 
-        if !extractor_path.exists() {
-            return Err(anyhow::anyhow!("Extractor not found"));
+    // Find `codeql-extractor.yml` in the extracted directory using glob
+    for glob in glob::glob(
+        &extractor_pack
+            .join("**/codeql-extractor.yml")
+            .to_string_lossy(),
+    )? {
+        match glob {
+            Ok(path) => {
+                log::debug!("Extractor Path :: {path:?}");
+                return Ok(path.parent().unwrap().to_path_buf().canonicalize()?);
+            }
+            Err(e) => {
+                log::error!("Failed to find extractor: {e}");
+                return Err(anyhow::anyhow!("Failed to find extractor: {e}"));
+            }
         }
     }
-
-    Ok(extractor_pack.canonicalize()?)
+    Ok(extractor_pack)
 }