From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH v1 4/5] .pytool/CISettings.py: Integrate CodeQL
Date: Tue, 26 Sep 2023 15:21:13 -0400 [thread overview]
Message-ID: <20230926192114.416-5-mikuback@linux.microsoft.com> (raw)
In-Reply-To: <20230926192114.416-1-mikuback@linux.microsoft.com>
From: Michael Kubacki <michael.kubacki@microsoft.com>
Adds the `--codeql` parameter to `stuart_update` and
`stuart_ci_build`.
- `stuart_update --codeql` - Downloads the CodeQL CLI locally. The
command will pull the appropriate binary for the host OS.
- `stuart_ci_build --codeql` - Runs CodeQL during the build resulting
in a CodeQL database and SARIF result file in the `Build`
directory.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
.pytool/CISettings.py | 30 ++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index 6fb7342f8153..f6595dd3cccf 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -7,12 +7,27 @@
##
import os
import logging
+import sys
from edk2toolext.environment import shell_environment
from edk2toolext.invocables.edk2_ci_build import CiBuildSettingsManager
from edk2toolext.invocables.edk2_setup import SetupSettingsManager, RequiredSubmodule
from edk2toolext.invocables.edk2_update import UpdateSettingsManager
from edk2toolext.invocables.edk2_pr_eval import PrEvalSettingsManager
from edk2toollib.utility_functions import GetHostInfo
+from pathlib import Path
+
+
+try:
+ # Temporarily needed until edk2 can update to the latest edk2-pytools
+ # that has the CodeQL helpers.
+ #
+ # May not be present until submodules are populated.
+ #
+ root = Path(__file__).parent.parent.resolve()
+ sys.path.append(str(root/'BaseTools'/'Plugin'/'CodeQL'/'integration'))
+ import stuart_codeql as codeql_helpers
+except ImportError:
+ pass
class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManager, PrEvalSettingsManager):
@@ -34,6 +49,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
group.add_argument("-force_piptools", "--fpt", dest="force_piptools", action="store_true", default=False, help="Force the system to use pip tools")
group.add_argument("-no_piptools", "--npt", dest="no_piptools", action="store_true", default=False, help="Force the system to not use pip tools")
+ try:
+ codeql_helpers.add_command_line_option(parserObj)
+ except NameError:
+ pass
+
def RetrieveCommandLineOptions(self, args):
super().RetrieveCommandLineOptions(args)
if args.force_piptools:
@@ -41,6 +61,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
if args.no_piptools:
self.UseBuiltInBaseTools = False
+ try:
+ self.codeql = codeql_helpers.is_codeql_enabled_on_command_line(args)
+ except NameError:
+ pass
+
# ####################################################################################### #
# Default Support for this Ci Build #
# ####################################################################################### #
@@ -169,6 +194,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
else:
logging.warning("Falling back to using in-tree BaseTools")
+ try:
+ scopes += codeql_helpers.get_scopes(self.codeql)
+ except NameError:
+ pass
+
self.ActualScopes = scopes
return self.ActualScopes
--
2.42.0.windows.2
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109085): https://edk2.groups.io/g/devel/message/109085
Mute This Topic: https://groups.io/mt/101603471/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-09-26 19:22 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-26 19:21 [edk2-devel] [PATCH v1 0/5] Use CodeQL CLI Michael Kubacki
2023-09-26 19:21 ` [edk2-devel] [PATCH v1 1/5] Remove existing CodeQL infrastructure Michael Kubacki
2023-09-26 19:21 ` [edk2-devel] [PATCH v1 2/5] BaseTools/Plugin/CodeQL: Add CodeQL build plugin Michael Kubacki
2023-09-26 19:21 ` [edk2-devel] [PATCH v1 3/5] BaseTools/Plugin/CodeQL: Add integration helpers Michael Kubacki
2023-09-26 19:21 ` Michael Kubacki [this message]
2023-09-26 19:21 ` [edk2-devel] [PATCH v1 5/5] .github/workflows/codeql.yml: Add CodeQL workflow Michael Kubacki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230926192114.416-5-mikuback@linux.microsoft.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox