👷 init the CodeQL for async/await

Issue: CLDSRV-860

Author: DarkIsDude

.github/codeql/async-migration.ql

@@ -0,0 +1,21 @@
+/**
+ * @name Callback-style function (async migration)
+ * @description These functions use callback parameters. They should be refactored to use async/await.
+ * @kind problem
+ * @problem.severity recommendation
+ * @id js/callback-style-function
+ * @tags maintainability
+ *       async-migration
+ */
+
+import javascript
+
+from Function f, Parameter p
+where
+  p = f.getLastParameter() and
+  p.getName().regexpMatch("(?i)^(cb|callback|next|done)$") and
+  not f.isAsync() and
+  // Exclude test files and node_modules
+  not f.getFile().getPath().matches("%/tests/%") and
+  not f.getFile().getPath().matches("%/node_modules/%")
+select f, "This function uses a callback parameter ('" + p.getName() + "'). Refactor to async/await."

.github/codeql/async-suite.qls

@@ -0,0 +1,3 @@
+- description: Scality Cloudserver Async Migration Suite
+- queries: .
+- qlpack: codeql/javascript-queries

.github/codeql/async-then-chains.ql

@@ -0,0 +1,19 @@
+/**
+ * @name Promise .then() usage (async migration)
+ * @description These calls use .then() instead of async/await. They should be refactored to use async/await.
+ * @kind problem
+ * @problem.severity recommendation
+ * @id js/promise-then-usage
+ * @tags maintainability
+ *       async-migration
+ */
+
+import javascript
+
+from MethodCallExpr m
+where
+  m.getMethodName() = "then" and
+  // Exclude test files and node_modules
+  not m.getFile().getPath().matches("%/tests/%") and
+  not m.getFile().getPath().matches("%/node_modules/%")
+select m, "This call uses .then(). Refactor to async/await."

.github/scripts/count-async-functions.mjs

@@ -84,7 +84,7 @@ console.log('');
 console.log(`Migration (trend):    ${asyncFunctions}/${asyncFunctions + callbackFunctions} (${migrationPercent}%)`);
 
 if (process.env.GITHUB_STEP_SUMMARY) {
-    const { appendFileSync } = await import('node:fs');
+    const { appendFileSync, writeFileSync } = await import('node:fs');
     appendFileSync(process.env.GITHUB_STEP_SUMMARY, [
         '## Async/Await Migration Progress',
         '',
@@ -97,4 +97,24 @@ if (process.env.GITHUB_STEP_SUMMARY) {
         `| Migration trend (async / (async + callback)) | ${asyncFunctions}/${asyncFunctions + callbackFunctions} (${migrationPercent}%) |`,
         '',
     ].join('\n'));
+
+    // Output benchmark JSON for visualization
+    const benchmarkData = [
+        {
+            name: 'Async Migration Progress',
+            unit: '%',
+            value: parseFloat(migrationPercent),
+        },
+        {
+            name: 'Async Functions Percentage',
+            unit: '%',
+            value: parseFloat(asyncFunctionPercent),
+        },
+        {
+            name: 'Total callback functions',
+            unit: 'count',
+            value: callbackFunctions,
+        }
+    ];
+    writeFileSync('async-migration-benchmark.json', JSON.stringify(benchmarkData, null, 2));
 }

.github/workflows/codeql.yaml

@@ -20,6 +20,7 @@ jobs:
         uses: github/codeql-action/init@v3
         with:
           languages: javascript, python, ruby
+          queries: security-extended,./.github/codeql/async-suite.qls
 
       - name: Build and analyze
         uses: github/codeql-action/analyze@v3

.github/workflows/tests.yaml

@@ -122,6 +122,18 @@ jobs:
       run: yarn install --frozen-lockfile --network-concurrency 1
     - name: Count async/await migration progress
       run: yarn run count-async
+    - name: Store benchmark results
+      uses: benchmark-action/github-action-benchmark@v1
+      with:
+        name: Async Migration Benchmark
+        tool: 'customGeneric'
+        output-file-path: async-migration-benchmark.json
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        auto-push: true
+        # Show alert if percentage drops
+        comment-on-alert: true
+        alert-threshold: '110%'
+        fail-on-alert: false
 
   unit-tests:
     runs-on: ubuntu-24.04