From dbbaf08ad88589c5cd76175763a51be2a5937ebb Mon Sep 17 00:00:00 2001
From: Andrei Pavel
Date: Thu, 11 Jul 2024 15:56:07 +0300
Subject: [PATCH] [#1279] update codeql and golang versions
- switch go to manual build mode to fix "Some packages could not be found"
- ping go version in the new setup-go action to fix "Invalid Go toolchain version"
- update action versions
---
.github/workflows/codeql.yml | 37 +++++++++++++++++++++++++++++-------
1 file changed, 30 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 58921dc39..3c3de0895 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -20,23 +20,46 @@ jobs: strategy: fail-fast: false matrix: - language: [ javascript, go, python ] + include: + - language: go + build-mode: manual + - language: python + build-mode: autobuild + - language: typescript + build-mode: autobuild steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 + + - name: Setup Go + if: ${{ matrix.language == 'go' }} + uses: actions/setup-go@v5 + with: + cache-dependency-path: backend/go.sum + go-version: 1.22.5 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: +security-and-quality + # Remove the tools directory to not perform analysis on go dependencies which results in + # unactionable errors like "use of internal package not allowed", "generic function is missing function body", + # "invalid recursive type: bool refers to itself", "could not import package" and others. + - name: Manual Go Build + if: ${{ matrix.language == 'go' }} + run: | + rake build:agent + rake build:server + sudo rm -r ./tools + - name: Autobuild - uses: github/codeql-action/autobuild@v2 - if: ${{ matrix.language == 'javascript' || matrix.language == 'go' || matrix.language == 'python' }} + if: ${{ matrix.language == 'python' || matrix.language == 'typescript' }} + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: - category: "/language:${{ matrix.language }}" + category: "/language:${{ matrix.language }}"
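Review bot: The Checkout step has no `with:` block, so `actions/checkout@v4` keeps its default `persist-credentials: true`, and the new Manual Go Build step then runs `rake build:agent` and `rake build:server` in that workspace with the job token still stored in the local git config. None of the visible steps needs git credentials after checkout, so I would add `with:` and `persist-credentials: false` under the Checkout step. That keeps the token out of reach of the build scripts and of the Go dependencies that the comment says end up under `./tools`. The job's `permissions:` and the workflow triggers sit above line 20, outside this hunk, so how much that token can do is not visible here.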