[edk2-devel] [PATCH v4 6/8] .pytool/CISettings: Enable CodeQL audit mode

["Michael Kubacki" <mikuback@linux.microsoft.com>]

From: Michael Kubacki <mikuback@microsoft.com>

Since a large number of CodeQL queries are being enabled to identify
issues that the community can collectively resolve, audit mode needs to
be enabled to prevent the build from failing.

In the future, this global audit mode can be disabled and individual
packages can enable/disable audit mode in their package CI YAML file
using the instructions in the CodeQL plugin readme.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 .pytool/CISettings.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index b8b8080439c1..ec3beb0dcf9d 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -196,6 +196,12 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
 
             try:
                 scopes += codeql_helpers.get_scopes(self.codeql)
+
+                if self.codeql:
+                    shell_environment.GetBuildVars().SetValue(
+                        "STUART_CODEQL_AUDIT_ONLY",
+                        "TRUE",
+                        "Set in CISettings.py")
             except NameError:
                 pass
 
-- 
2.42.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110571): https://edk2.groups.io/g/devel/message/110571
Mute This Topic: https://groups.io/mt/102350796/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-