Ruby: Change how we pull in shared/tree-sitter-extractor dependency

Previously, we pulled in the shared tree-sitter extractor via a `git`
dependency in `Cargo.toml` to address a `rules_rust` limitation (no `path`
dependencies outside of the cargo workspace)). This was a problem,
as that means we're cloning `github/codeql` _again_ for the build, which is
quite slow.

I found another way that is faster, and still produces correct builds
for both `cargo`` and `rules_rust`:
* Cargo depends on a fake crate that has the same dependencies as the real crate (thanks to `sync-files.py`). Therefore, cargo pulls in the right dependencies into the lockfile, which bazel targets
* For local builds, we override the path to that dependency in a cargo config, so we're pulling in the correct code
* rules_rust only uses `path` dependencies for collecting transitive dependencies, it never pulls in the code from there. So far that, we manually provide a `BUILD.bazel` file for the shared extractor, and depend on that.

Author: criemen

config/identical-files.json

@@ -364,5 +364,9 @@
   "Python model summaries test extension": [
     "python/ql/test/library-tests/dataflow/model-summaries/InlineTaintTest.ext.yml",
     "python/ql/test/library-tests/dataflow/model-summaries/NormalDataflowTest.ext.yml"
+  ],
+  "shared tree-sitter extractor cargo.toml": [
+    "shared/tree-sitter-extractor/Cargo.toml",
+    "ruby/extractor/codeql-extractor-fake-crate/Cargo.toml"
   ]
 }

ruby/extractor/.cargo/config.toml

@@ -0,0 +1 @@
+paths = ["../../shared/tree-sitter-extractor"]

ruby/extractor/BUILD.bazel

@@ -11,5 +11,7 @@ codeql_rust_binary(
     visibility = ["//visibility:public"],
     deps = all_crate_deps(
         normal = True,
-    ),
+    ) + [
+        "//shared/tree-sitter-extractor:codeql-extractor",
+    ],
 )

ruby/extractor/Cargo.lock

@@ -1,3 +1,4 @@
+[workspace]
 [package]
 name = "codeql-extractor-ruby"
 description = "CodeQL Ruby extractor"
@@ -27,14 +28,8 @@ encoding = "0.2"
 lazy_static = "1.4.0"
 # Ideally, we'd like to pull this in via a relative path.
 # However, our bazel/rust tooling chokes on this, c.f. https://github.com/bazelbuild/rules_rust/issues/1525
-# Therefore, to break that dependency, we depend on it via a git dependency instead.
-# We should change this back to a path dependency once this issue is fixed.
-# We can't depend on this without a rev/branch specification, as the rules_rust code assumes the default branch
-# is called `master`, and if we pull this in with `branch=main`, then `cargo` works (and pins this at th current git SHA
-# of lock-file update time, but `rules_rust` pins generates a bazel rule that unconditionally downloads `main`, which
-# breaks build hermeticity. So, rev-pinning it is.
-# See also https://github.com/bazelbuild/rules_rust/issues/2502.
-codeql-extractor = { git = "https://github.com/github/codeql.git", rev = "0dbce3d077f6f31a8d660aea104ee31cacf6bacd" }
+# Therefore, we have a pretty bad hack in place instead, see README.md in the codeql-extractor-fake-crate directory.
+codeql-extractor = { path = "codeql-extractor-fake-crate" }
 
 [patch.crates-io]
-tree-sitter = {git = "https://github.com/redsun82/tree-sitter.git", rev = "1f5c1112ceaa8fc6aff61d1852690407670d2a96"}
+tree-sitter = { git = "https://github.com/redsun82/tree-sitter.git", rev = "1f5c1112ceaa8fc6aff61d1852690407670d2a96" }