From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+110568+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 9CEBB740039
	for <rebecca@openfw.io>; Thu,  2 Nov 2023 20:03:46 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=OSs88zgSdrbIlvFcBwKeMDjMWeRrulMuK8xPVZXhnBU=;
 c=relaxed/simple; d=groups.io;
 h=DKIM-Filter:From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1698955425; v=1;
 b=BhQLEbdFAQw5gJccdVxOeNMR69y7neBlNoSDdl5kP9YqxJ5ynGok/N0VULQmLmyoZQWdbSmr
 DMHHQZ3g8xe7rf6k6ysBkf6JuJYNeCZqDnHB7lyEc3k+2Bx0ta5Ry97AvsJPuOInvdCfyeotkLj
 VfpgDyle6oiOLs6KcqKUIwls=
X-Received: by 127.0.0.2 with SMTP id P4ZmYY7687511xypFmq26LvJ; Thu, 02 Nov 2023 13:03:45 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.42412.1698955424755676899
 for <devel@edk2.groups.io>;
 Thu, 02 Nov 2023 13:03:44 -0700
X-Received: from localhost.localdomain (unknown [47.201.241.95])
	by linux.microsoft.com (Postfix) with ESMTPSA id 8FD5320B74C2;
	Thu,  2 Nov 2023 13:03:43 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 8FD5320B74C2
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Rebecca Cran <rebecca@bsdio.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v4 3/8] BaseTools/Plugin/CodeQL: Add integration helpers
Date: Thu,  2 Nov 2023 16:03:07 -0400
Message-ID: <20231102200313.1010-4-mikuback@linux.microsoft.com>
In-Reply-To: <20231102200313.1010-1-mikuback@linux.microsoft.com>
References: <20231102200313.1010-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: JBjRgJ8CvIEPtrv5Bovo8EXNx7686176AA=
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=BhQLEbdF;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Michael Kubacki <michael.kubacki@microsoft.com>

Adds a Python module to the CodeQL plugin directory that exports
functions commonly needed for Stuart-based platforms to easily
enable CodeQL in their platform build.

This functionality has already moved to edk2-pytool-extensions
https://github.com/tianocore/edk2-pytool-extensions in the
`edk2toolext/codeql.py` file but edk2 is too far behind to use that.

Additional integration changes are needed in edk2 and the series
to add those has not made it past review. In the meantime, the
functions are available locally in this commit and this commit can
be reverted after edk2-pytool-extensions 0.24.1 or greater is used
in edk2.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 BaseTools/Plugin/CodeQL/integration/__init__.py      |  0
 BaseTools/Plugin/CodeQL/integration/stuart_codeql.py | 79 ++++++++++++++=
++++++
 2 files changed, 79 insertions(+)

diff --git a/BaseTools/Plugin/CodeQL/integration/__init__.py b/BaseTools/=
Plugin/CodeQL/integration/__init__.py
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/BaseTools/Plugin/CodeQL/integration/stuart_codeql.py b/BaseT=
ools/Plugin/CodeQL/integration/stuart_codeql.py
new file mode 100644
index 000000000000..a3941d13157f
--- /dev/null
+++ b/BaseTools/Plugin/CodeQL/integration/stuart_codeql.py
@@ -0,0 +1,79 @@
+# @file stuart_codeql.py
+#
+# Exports functions commonly needed for Stuart-based platforms to easily
+# enable CodeQL in their platform build.
+#
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+from edk2toolext.environment.uefi_build import UefiBuilder
+from edk2toollib.utility_functions import GetHostInfo
+from argparse import ArgumentParser, Namespace
+from typing import Tuple
+
+
+def add_command_line_option(parser: ArgumentParser) -> None:
+    """Adds the CodeQL command to the platform command line options.
+
+    Args:
+        parser (ArgumentParser): The argument parser used in this build.
+
+    """
+    parser.add_argument(
+        '--codeql',
+        dest=3D'codeql',
+        action=3D'store_true',
+        default=3DFalse,
+        help=3D"Optional - Produces CodeQL results from the build. See "
+             "BaseTools/Plugin/CodeQL/Readme.md for more info.")
+
+
+def get_scopes(codeql_enabled: bool) -> Tuple[str]:
+    """Returns the active CodeQL scopes for this build.
+
+    Args:
+        codeql_enabled (bool): Whether CodeQL is enabled.
+
+    Returns:
+        Tuple[str]: A tuple of strings containing scopes that enable the
+                    CodeQL plugin.
+    """
+    active_scopes =3D ()
+
+    if codeql_enabled:
+        if GetHostInfo().os =3D=3D "Linux":
+            active_scopes +=3D ("codeql-linux-ext-dep",)
+        else:
+            active_scopes +=3D ("codeql-windows-ext-dep",)
+        active_scopes +=3D ("codeql-build", "codeql-analyze")
+
+    return active_scopes
+
+
+def is_codeql_enabled_on_command_line(args: Namespace) -> bool:
+    """Returns whether CodeQL was enabled on the command line.
+
+    Args:
+        args (Namespace): Object holding a string representation of comm=
and
+                          line arguments.
+
+    Returns:
+        bool: True if CodeQL is enabled on the command line. Otherwise, =
false.
+    """
+    return args.codeql
+
+
+def set_audit_only_mode(uefi_builder: UefiBuilder) -> None:
+    """Configures the CodeQL plugin to run in audit only mode.
+
+    Args:
+        uefi_builder (UefiBuilder): The UefiBuilder object for this plat=
form
+                                    build.
+
+    """
+
+    uefi_builder.env.SetValue(
+        "STUART_CODEQL_AUDIT_ONLY",
+        "true",
+        "Platform Defined")
--=20
2.42.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110568): https://edk2.groups.io/g/devel/message/110568
Mute This Topic: https://groups.io/mt/102350792/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-