From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 1F9BD7803CF for ; Fri, 1 Mar 2024 23:33:35 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=QXT2SJAtiq2qse6K1fxYdeYLYONgAsEBrGg6cyw3N18=; c=relaxed/simple; d=groups.io; h=DKIM-Filter:From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1709336014; v=1; b=bBSmWPoFfzZq20djvRcJF71Z+fJltW+hhYxid4Jx0fDOKdb1IviuaJl4jqWYTpJiqCmCsZ7I CAKH/qpMuwiWWZOiJkQroA6YwKnGDAGrIyuJe3xL7pcwAuuImsBicfO9YGCuQ7j3ZvOGfgso3zo auM68uT9eo/KEcumcLFimYvw= X-Received: by 127.0.0.2 with SMTP id OMdeYY7687511xUGjEWRkrZi; Fri, 01 Mar 2024 15:33:34 -0800 X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web11.39047.1709336014030191949 for ; Fri, 01 Mar 2024 15:33:34 -0800 X-Received: from localhost.localdomain (unknown [172.171.236.24]) by linux.microsoft.com (Postfix) with ESMTPSA id 185FC20B74C0; Fri, 1 Mar 2024 15:33:32 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 185FC20B74C0 From: "Michael Kubacki" To: devel@edk2.groups.io Cc: Sean Brogan , Joey Vagedes , Michael D Kinney Subject: [edk2-devel] [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions being deprecated Date: Fri, 1 Mar 2024 18:33:15 -0500 Message-Id: <20240301233315.1260-1-mikuback@linux.microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: flMukuM3mPsXb0ccBoOtc6LBx7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=bBSmWPoF; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io From: Michael Kubacki Currently CodeQL runs have the following warnings: Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/setup-python@v4, actions/upload-artifact@v3, actions/cache@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-f= rom-node-16-to-node-20/. And: CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see: https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-c= odeql-action-v2/ The first is resolved by updating the actions to the latest versions that were released to use Node.js 20. The second is specifically referring to the codeql-action/upload-sarif action which is at v2. This change updates all of the actions to the latest releases to prevent deprecated versions from continuing to be used. --- The following breaking change was noted in actions/upload-artifact that caused some related changes in the workflow: "Due to how Artifacts are created in this new version, it is no longer possible to upload to the same named Artifact multiple times. You must either split the uploads into multiple Artifacts with different names, or only upload once. Otherwise you will encounter an error." This workflow depended on that behavior previously to append multiple logs (e.g. setup log, update log, build log) to the same named artifact (named per package). These were appended after each operation so they are readily available if the operation failed and no further actions are run. Now the artifacts must be unique in name. The hyphenation comes in because edk2 further builds some packages with both architectures in a single build vs separate builds (e.g. IA32 and X64 vs IA32,X64). To uniquely name artifacts resulting from those builds, the architecture is also placed in the artifact name. For builds with multiple architectures the artifact name captures each architecture separated by a hyphen. Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Signed-off-by: Michael Kubacki --- Notes: v2 Change: =20 Add detailed explanation in the commit message about changes in the workflow file. .github/workflows/codeql.yml | 37 +++++++++++++------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c91e9d4dbeb3..e0c5f69f6cdf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -79,7 +79,7 @@ jobs: uses: actions/checkout@v4 =20 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: '3.11' cache: 'pip' @@ -136,15 +136,26 @@ jobs: print(f'ci_setup_supported=3D{str(ci_setup_supported).lower(= )}', file=3Dfh) print(f'setup_supported=3D{str(setup_supported).lower()}', f= ile=3Dfh) =20 + - name: Convert Arch to Log Format + id: convert_arch_hyphen + env: + ARCH_LIST: ${{ matrix.ArchList }} + shell: python + run: | + import os + + with open(os.environ['GITHUB_OUTPUT'], 'a') as fh: + print(f'arch_list=3D{os.environ["ARCH_LIST"].replace(",", "-= ")}', file=3Dfh) + - name: Setup if: steps.get_ci_file_operations.outputs.setup_supported =3D=3D 't= rue' run: stuart_setup -c .pytool/CISettings.py -t DEBUG -a ${{ matrix.= ArchList }} TOOL_CHAIN_TAG=3DVS2019 =20 - name: Upload Setup Log As An Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: (success() || failure()) && steps.get_ci_file_operations.outpu= ts.setup_supported =3D=3D 'true' with: - name: ${{ matrix.Package }}-Logs + name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.output= s.arch_list }}-Setup-Log path: | **/SETUPLOG.txt retention-days: 7 @@ -155,10 +166,10 @@ jobs: run: stuart_ci_setup -c .pytool/CISettings.py -t DEBUG -a ${{ matr= ix.ArchList }} TOOL_CHAIN_TAG=3DVS2019 =20 - name: Upload CI Setup Log As An Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: (success() || failure()) && steps.get_ci_file_operations.outpu= ts.ci_setup_supported =3D=3D 'true' with: - name: ${{ matrix.Package }}-Logs + name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.output= s.arch_list }}-CI-Setup-Log path: | **/CISETUP.txt retention-days: 7 @@ -168,10 +179,10 @@ jobs: run: stuart_update -c .pytool/CISettings.py -t DEBUG -a ${{ matrix= .ArchList }} TOOL_CHAIN_TAG=3DVS2019 =20 - name: Upload Update Log As An Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: success() || failure() with: - name: ${{ matrix.Package }}-Logs + name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.output= s.arch_list }}-Update-Log path: | **/UPDATE_LOG.txt retention-days: 7 @@ -228,7 +239,7 @@ jobs: =20 - name: Attempt to Load CodeQL CLI From Cache id: codeqlcli_cache - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ${{ steps.cache_key_gen.outputs.codeql_cli_ext_dep_dir }} key: ${{ steps.cache_key_gen.outputs.codeql_cli_cache_key }} @@ -284,10 +295,10 @@ jobs: delete_dirs(build_path) =20 - name: Upload Build Logs As An Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: success() || failure() with: - name: ${{ matrix.Package }}-Logs + name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.output= s.arch_list }}-Build-Logs path: | **/BUILD_REPORT.TXT **/OVERRIDELOG.TXT @@ -329,10 +340,10 @@ jobs: print(f'upload_sarif_file=3Dfalse', file=3Dfh) =20 - name: Upload CodeQL Results (SARIF) As An Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: steps.env_data.outputs.upload_sarif_file =3D=3D 'true' with: - name: ${{ matrix.Package }}-CodeQL-SARIF + name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.output= s.arch_list }}-CodeQL-SARIF path: | ${{ steps.env_data.outputs.emacs_file_path }} ${{ steps.env_data.outputs.sarif_file_path }} @@ -340,7 +351,7 @@ jobs: if-no-files-found: warn =20 - name: Upload CodeQL Results (SARIF) To GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 if: steps.env_data.outputs.upload_sarif_file =3D=3D 'true' with: # Path to SARIF file relative to the root of the repository. --=20 2.40.1.vfs.0.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116287): https://edk2.groups.io/g/devel/message/116287 Mute This Topic: https://groups.io/mt/104677087/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-