Add option to force customization

Add the option to force customization for languages that don't have a Customization.qll.
This enable customization for Ruby for which the Customization.qll hasn't been integrated into the latest CodeQL Bundle.

.github/workflows/build-bundles.yml

@@ -9,6 +9,9 @@ on:
       - main
   workflow_dispatch:
 
+env:
+  FORCE_CUSTOMIZATION: "false"
+
 jobs:
   prepare-bundles-matrix:
     name: "Prepare CodeQL bundle matrix"
@@ -64,23 +67,32 @@ jobs:
               qlquery_path=codeql/qlpacks/codeql/$lang-queries/$qlquery_version
             fi
 
-            if [ -f $qllib_path/Customizations.qll ];
-            then 
-              mkdir $qllib_path/customizations
-              cp $lang_path/*.qll $qllib_path/customizations
-
-              # Import custom modules
-              for module_path in $lang_path/*.qll; do
-                module_file=${module_path##*/}
-                module_name=${module_file%.*}
-                echo "import customizations.$module_name" >> $qllib_path/Customizations.qll
-              done
-
-              # Rebuild cache
-              rm -r $qlquery_path/.cache
-              codeql/codeql query compile --search-path codeql --threads 0 $qlquery_path
+            if [ -d $qllib_path ]; then
+              if [ ! -f $qllib_path/Customizations.qll ] && [ "$FORCE_CUSTOMIZATION" = "true" ]; then
+                echo "::warning::Forcing customization for language $lang"
+                echo "import $lang" > $qllib_path/Customizations.qll
+                sed -i -e '0,/^import/s//private import Customizations\nimport/' $qllib_path/$lang.qll
+              fi
+
+              if [ -f $qllib_path/Customizations.qll ]; then
+                mkdir $qllib_path/customizations
+                cp $lang_path/*.qll $qllib_path/customizations
+
+                # Import custom modules
+                for module_path in $lang_path/*.qll; do
+                  module_file=${module_path##*/}
+                  module_name=${module_file%.*}
+                  echo "import customizations.$module_name" >> $qllib_path/Customizations.qll
+                done
+
+                # Rebuild cache
+                rm -r $qlquery_path/.cache
+                codeql/codeql query compile --search-path codeql --threads 0 $qlquery_path
+              else
+                echo "::warning::Skipping customization for language $lang, because it doesn't have a Customizations.qll"
+              fi
             else
-              echo "Skipping customization for language $lang, because it doesn't have a Customizations.qll"
+              echo "::error::Unable to customize language $lang, because it is not present in the CodeQL Bundle $CODEQL_BUNDLE"
             fi
           done
 

README.md

@@ -13,7 +13,9 @@ At current this repository will work with the following languages:
 - C# 
 - Go
 
-Support for Ruby is being added. 
+Official support for Ruby will be added when the `Customizations.qll` is made available in the selected CodeQL bundles specified in the `bundles.json`.
+As an unofficial workaround you can change the environment variable `FORCE_CUSTOMIZATION` in the `.github/build-bundles.yml` to `"true"`.
+The forced customization will create a `Customizations.qll` file and prepend it to the language specific library (e.g., `cpp.qll`, `ruby.qll`).
 
 # Using the Custom CodeQL Bundle
 

customizations/ruby/CustomSources.qll

@@ -0,0 +1,8 @@
+import ruby
+import codeql.ruby.dataflow.RemoteFlowSources
+
+class CustomSource extends RemoteFlowSource::Range {
+  CustomSource() { this.asExpr().getExpr().(MethodCall).getMethodName() = "source" }
+
+  override string getSourceType() { result = "test" }
+}