Check telemetry in PR check to ensure .tar.zst downloaded

Author: henrymercer

.github/workflows/__zstd-bundle.yml

@@ -1,12 +1,15 @@
 name: "Zstandard bundle"
-description: "Tests using a CodeQL Bundle compressed using Zstandard"
+description: "Tests the feature flag that downloads a Zstandard-compressed CodeQL Bundle by default"
 versions:
   - linked
 operatingSystems:
   - ubuntu
 env:
   CODEQL_ACTION_ZSTD_BUNDLE: true
 steps:
+  - name: Remove CodeQL from toolcache
+    run: |
+      rm -rf $RUNNER_TOOL_CACHE/CodeQL
   - id: init
     uses: ./../action/init
     with:
@@ -17,3 +20,44 @@ steps:
     shell: bash
     run: ./build.sh
   - uses: ./../action/analyze
+    with:
+      output: ${{ runner.temp }}/results
+      upload-database: false
+  - name: Upload SARIF
+    uses: actions/upload-artifact@v3
+    with:
+      name: zstd-bundle.sarif
+      path: ${{ runner.temp }}/results/cpp.sarif
+      retention-days: 7
+  - name: Check diagnostic with expected tools URL appears in SARIF
+    uses: actions/github-script@v7
+    env:
+      SARIF_PATH: ${{ runner.temp }}/results/cpp.sarif
+    with:
+      script: |
+        const fs = require('fs');
+
+        const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
+        const run = sarif.runs[0];
+
+        const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
+        const downloadTelemetryNotifications = toolExecutionNotifications.filter(n =>
+          n.descriptor.id === 'codeql-action/bundle-download-telemetry'
+        );
+        if (downloadTelemetryNotifications.length !== 1) {
+          core.setFailed(
+            'Expected exactly one reporting descriptor in the ' +
+              `'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
+              `${downloadTelemetryNotifications.length}. All notification reporting descriptors: ` +
+              `${JSON.stringify(toolExecutionNotifications)}.`
+          );
+        }
+
+        const toolsUrl = downloadTelemetryNotifications[0].properties.attributes.toolsUrl;
+        console.log(`Found tools URL: ${toolsUrl}`);
+
+        if (!toolsUrl.endsWith('.tar.zst')) {
+          core.setFailed(
+            `Expected the tools URL to be a .tar.zst file, but found ${toolsUrl}.`
+          );
+        }