public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH v4 6/8] .pytool/CISettings: Enable CodeQL audit mode
Date: Thu,  2 Nov 2023 16:03:10 -0400	[thread overview]
Message-ID: <20231102200313.1010-7-mikuback@linux.microsoft.com> (raw)
In-Reply-To: <20231102200313.1010-1-mikuback@linux.microsoft.com>

From: Michael Kubacki <mikuback@microsoft.com>

Since a large number of CodeQL queries are being enabled to identify
issues that the community can collectively resolve, audit mode needs to
be enabled to prevent the build from failing.

In the future, this global audit mode can be disabled and individual
packages can enable/disable audit mode in their package CI YAML file
using the instructions in the CodeQL plugin readme.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 .pytool/CISettings.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index b8b8080439c1..ec3beb0dcf9d 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -196,6 +196,12 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
 
             try:
                 scopes += codeql_helpers.get_scopes(self.codeql)
+
+                if self.codeql:
+                    shell_environment.GetBuildVars().SetValue(
+                        "STUART_CODEQL_AUDIT_ONLY",
+                        "TRUE",
+                        "Set in CISettings.py")
             except NameError:
                 pass
 
-- 
2.42.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110571): https://edk2.groups.io/g/devel/message/110571
Mute This Topic: https://groups.io/mt/102350796/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



  parent reply	other threads:[~2023-11-02 20:03 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-02 20:03 [edk2-devel] [PATCH v4 0/8] Use CodeQL CLI Michael Kubacki
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 1/8] Remove existing CodeQL infrastructure Michael Kubacki
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 2/8] BaseTools/Plugin/CodeQL: Add CodeQL build plugin Michael Kubacki
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 3/8] BaseTools/Plugin/CodeQL: Add integration helpers Michael Kubacki
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 4/8] .pytool/CISettings.py: Integrate CodeQL Michael Kubacki
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 5/8] .github/workflows/codeql.yml: Add CodeQL workflow Michael Kubacki
2023-11-02 20:03 ` Michael Kubacki [this message]
2023-11-07  0:57   ` [edk2-devel] [PATCH v4 6/8] .pytool/CISettings: Enable CodeQL audit mode Sean
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 7/8] BaseTools/Plugin/CodeQL: Enable 30 queries Michael Kubacki
2023-11-07  0:55   ` Sean
2023-11-02 20:03 ` [edk2-devel] [PATCH v4 8/8] ReadMe.rst: Add CodeQL/analyze directory under other licenses Michael Kubacki
2023-11-03 13:06   ` Laszlo Ersek
2023-11-03 14:16     ` Michael Kubacki
2023-11-03 14:46       ` Laszlo Ersek
2023-11-03 14:48         ` Laszlo Ersek
2023-11-03 15:19         ` Michael Kubacki
2023-11-07  1:00 ` [edk2-devel] [PATCH v4 0/8] Use CodeQL CLI Sean

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231102200313.1010-7-mikuback@linux.microsoft.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox