Go / configure-baseline: account for multiple vendor directories and the CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS setting

Our existing configure-baseline scripts would give the wrong result if a `vendor` directory wasn't at the root of the repository, or if the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` variable was set to `true` indicating the user wants their vendored code scanned.

Here I replace the shell scripts that implemented the very simplest behaviour with a small Go program.

Author: smowton

go/BUILD.bazel

@@ -47,6 +47,7 @@ codeql_pkg_files(
         "//go/extractor/cli/go-autobuilder",
         "//go/extractor/cli/go-bootstrap",
         "//go/extractor/cli/go-build-runner",
+        "//go/extractor/cli/go-configure-baseline",
         "//go/extractor/cli/go-extractor",
         "//go/extractor/cli/go-gen-dbscheme",
         "//go/extractor/cli/go-tokenizer",

go/codeql-tools/baseline-config-empty.json

@@ -1,6 +1,7 @@
 @echo off
-if exist vendor\modules.txt (
-  type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-vendor.json"
-) else (
-  type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-empty.json"
-)
+SETLOCAL EnableDelayedExpansion
+
+type NUL && "%CODEQL_EXTRACTOR_GO_ROOT%/tools/%CODEQL_PLATFORM%/go-configure-baseline.exe"
+exit /b %ERRORLEVEL%
+
+ENDLOCAL

go/codeql-tools/baseline-config-vendor.json

@@ -1,7 +1,3 @@
 #!/bin/sh
 
-if [ -f vendor/modules.txt ]; then
-  cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-vendor.json"
-else
-  cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-empty.json"
-fi
+"$CODEQL_EXTRACTOR_GO_ROOT/tools/$CODEQL_PLATFORM/go-configure-baseline"

go/codeql-tools/configure-baseline.cmd

@@ -0,0 +1,14 @@
+package main
+
+import (
+	"github.com/github/codeql-go/extractor/configurebaseline"
+)
+
+func main() {
+	jsonResult, err := configurebaseline.GetConfigBaselineAsJSON(".")
+	if err != nil {
+		panic(err)
+	} else {
+		println(string(jsonResult))
+	}
+}

go/codeql-tools/configure-baseline.sh

@@ -0,0 +1,48 @@
+package configurebaseline
+
+import (
+	"encoding/json"
+	"io/fs"
+	"os"
+	"path"
+	"path/filepath"
+)
+
+func fileExists(path string) bool {
+	stat, err := os.Stat(path)
+	return err == nil && stat.Mode().IsRegular()
+}
+
+func isGolangVendorDirectory(dirPath string) bool {
+	// Call a directory a Golang vendor directory if it contains a modules.txt file.
+	return path.Base(dirPath) == "vendor" && fileExists(path.Join(dirPath, "modules.txt"))
+}
+
+type PathsIgnoreStruct struct {
+	PathsIgnore []string `json:"paths-ignore"`
+}
+
+func GetConfigBaselineAsJSON(rootDir string) ([]byte, error) {
+	vendorDirs := make([]string, 0)
+
+	// If CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS is "true":
+	if os.Getenv("CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS") == "true" {
+		// The user wants vendor directories scanned; emit an empty report.
+	} else {
+		filepath.WalkDir(rootDir, func(dirPath string, d fs.DirEntry, err error) error {
+			if err != nil {
+				// Mask any unreadable paths.
+				return nil
+			}
+			if isGolangVendorDirectory(dirPath) {
+				vendorDirs = append(vendorDirs, path.Join(dirPath, "**"))
+				return filepath.SkipDir
+			} else {
+				return nil
+			}
+		})
+	}
+
+	outputStruct := PathsIgnoreStruct{PathsIgnore: vendorDirs}
+	return json.Marshal(outputStruct)
+}