Go: Improve package-not-found diagnostic

[mbg]

This PR improves the go/autobuilder/package-not-found diagnostic based on experiences with the current version of it:

• Even though the diagnostic is severityWarning, users sometimes interpret it as an error and incorrectly assume that the Go analysis is not working at all.
• While the message suggests that the user should make sure that private packages can be accessed, it provides no guidance for how to do that.

To address these points, I have made the following changes:

• The message now states that CodeQL is able to analyse the code without the missing packages, before getting into the limitations. The suggested steps then start with "To ensure that you have comprehensive alert coverage, [..]" to still encourage the user to address the problem.
• The suggested steps now include advice for private registries. The suggestion that is included depends on the environment in which the analysis runs in. For dynamic workflows, the user is shown a link to the private registry docs. For other Actions workflows, they are told to add a step to configure access. For other environments, they are told to ensure go has access.

Since the diagnostic message now depends on the environment, I have updated the two affected integration tests to always pretend to run in an Actions environment.

[Copilot]

Pull request overview

This PR improves the go/autobuilder/package-not-found diagnostic message to make it clearer and more helpful for users. The changes address user confusion about whether CodeQL analysis is working and provide environment-specific guidance for setting up access to private registries.

Changes:

• Added new utility functions (IsActionsWorkflow() and IsDynamicActionsWorkflow()) to detect the execution environment
• Updated the diagnostic message to emphasize that CodeQL can analyze code without missing packages before discussing limitations
• Implemented environment-specific guidance for configuring private registry access (different messages for dynamic workflows, custom Actions workflows, and other environments)

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
go/extractor/util/util.go	Added two new helper functions to detect GitHub Actions execution context
go/extractor/diagnostics/diagnostics.go	Refactored diagnostic message generation with environment-aware guidance for private registry access
go/extractor/cli/go-autobuilder/go-autobuilder.go	Refactored to use new IsActionsWorkflow() utility function instead of inline environment variable check
go/extractor/diagnostics/BUILD.bazel	Added dependency on util package (auto-generated by gazelle)
go/ql/integration-tests/diagnostics/package-not-found-without-go-mod/test.py	Updated test to set GITHUB_ACTIONS environment variable for consistent test output
go/ql/integration-tests/diagnostics/package-not-found-without-go-mod/diagnostics.expected	Updated expected diagnostic message to match new format
go/ql/integration-tests/diagnostics/package-not-found-with-go-mod/test.py	Updated test to set GITHUB_ACTIONS environment variable for consistent test output
go/ql/integration-tests/diagnostics/package-not-found-with-go-mod/diagnostics.expected	Updated expected diagnostic message to match new format

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.