public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v1 0/2] Enable Initial CodeQL Support
@ 2022-11-01 15:54 Michael Kubacki
  2022-11-01 15:54 ` [PATCH v1 1/2] Maintainers.txt: Add .github maintainers and reviewers Michael Kubacki
  2022-11-01 15:54 ` [PATCH v1 2/2] .github: Add initial CodeQL config and workflow files Michael Kubacki
  0 siblings, 2 replies; 3+ messages in thread
From: Michael Kubacki @ 2022-11-01 15:54 UTC (permalink / raw)
  To: devel; +Cc: Andrew Fish, Leif Lindholm, Liming Gao, Michael D Kinney,
	Sean Brogan

From: Michael Kubacki <michael.kubacki@microsoft.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4115

This patch series enables initial CodeQL support within the edk2
repository.

After this patch, a CodeQL Analyze step will run on a subset of
edk2 packages in Pull Requests. The plan to scale additional CodeQL
queries is documented in the RFC and it is recommeneded to read
that for more detail:

https://github.com/tianocore/edk2/discussions/3258#discussioncomment-3682099

In summary, this change will:

- Main workflow file - .github/workflows/codeql-analysis.yml

1. Add a code scanning workflow with the CodeQL Analysis GitHub action
2. Build packages on Ubuntu with GCC5
3. Perform CodeQL analysis on the build results

- Custom configuration file - .github/codeql/codeql-config.yml

1. Specify the edk2 CodeQL query set
2. Apply a query filter to exclude errors, warnings, and
   recommendations

- edk2 query set file - .github/codeql/edk2.qls

1. Enable a single query: cpp/conditionallyuninitializedvariable

Per the RFC, this enables CodeQL but does not allow any alerts
by suppressing all of the severity levels.

When the code changes necessary to resolve problems found with
cpp/conditionallyuninitializedvariable are checked in, the severity
filter can be adjusted such that query is enabled.

Note that there is an occassional issue with filesystem paths at
the moment that prevents this change from being checked in. A
bug has been filed against CodeQL and some additional investigation
is being done.

https://github.com/github/codeql-action/issues/1338

In the meantime, this v1 patch series is being sent for feedback.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>

Michael Kubacki (2):
  Maintainers.txt: Add .github maintainers and reviewers
  .github: Add initial CodeQL config and workflow files

 .github/codeql/codeql-config.yml      |  30 ++++++
 .github/codeql/edk2.qls               |  12 +++
 .github/workflows/codeql-analysis.yml | 102 ++++++++++++++++++++
 Maintainers.txt                       |   6 ++
 4 files changed, 150 insertions(+)
 create mode 100644 .github/codeql/codeql-config.yml
 create mode 100644 .github/codeql/edk2.qls
 create mode 100644 .github/workflows/codeql-analysis.yml

-- 
2.28.0.windows.1


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-11-01 15:55 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-11-01 15:54 [PATCH v1 0/2] Enable Initial CodeQL Support Michael Kubacki
2022-11-01 15:54 ` [PATCH v1 1/2] Maintainers.txt: Add .github maintainers and reviewers Michael Kubacki
2022-11-01 15:54 ` [PATCH v1 2/2] .github: Add initial CodeQL config and workflow files Michael Kubacki

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox