* [edk2-devel] [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions being deprecated
@ 2024-03-01 23:33 Michael Kubacki
2024-03-02 1:28 ` Michael D Kinney
0 siblings, 1 reply; 2+ messages in thread
From: Michael Kubacki @ 2024-03-01 23:33 UTC (permalink / raw)
To: devel; +Cc: Sean Brogan, Joey Vagedes, Michael D Kinney
From: Michael Kubacki <michael.kubacki@microsoft.com>
Currently CodeQL runs have the following warnings:
Node.js 16 actions are deprecated. Please update the following
actions to use Node.js 20: actions/setup-python@v4,
actions/upload-artifact@v3, actions/cache@v3. For more information
see:
https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
And:
CodeQL Action v2 will be deprecated on December 5th, 2024. Please
update all occurrences of the CodeQL Action in your workflow files
to v3. For more information, see:
https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
The first is resolved by updating the actions to the latest versions
that were released to use Node.js 20. The second is specifically
referring to the codeql-action/upload-sarif action which is at v2.
This change updates all of the actions to the latest releases to
prevent deprecated versions from continuing to be used.
---
The following breaking change was noted in actions/upload-artifact
that caused some related changes in the workflow:
"Due to how Artifacts are created in this new version, it is no
longer possible to upload to the same named Artifact multiple
times. You must either split the uploads into multiple Artifacts
with different names, or only upload once. Otherwise you will
encounter an error."
This workflow depended on that behavior previously to append multiple
logs (e.g. setup log, update log, build log) to the same named
artifact (named per package). These were appended after each operation
so they are readily available if the operation failed and no further
actions are run.
Now the artifacts must be unique in name. The hyphenation comes in
because edk2 further builds some packages with both architectures in
a single build vs separate builds (e.g. IA32 and X64 vs IA32,X64). To
uniquely name artifacts resulting from those builds, the architecture
is also placed in the artifact name. For builds with multiple
architectures the artifact name captures each architecture separated
by a hyphen.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Joey Vagedes <joey.vagedes@gmail.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
Notes:
v2 Change:
Add detailed explanation in the commit message about changes
in the workflow file.
.github/workflows/codeql.yml | 37 +++++++++++++-------
1 file changed, 24 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c91e9d4dbeb3..e0c5f69f6cdf 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -79,7 +79,7 @@ jobs:
uses: actions/checkout@v4
- name: Install Python
- uses: actions/setup-python@v4
+ uses: actions/setup-python@v5
with:
python-version: '3.11'
cache: 'pip'
@@ -136,15 +136,26 @@ jobs:
print(f'ci_setup_supported={str(ci_setup_supported).lower()}', file=fh)
print(f'setup_supported={str(setup_supported).lower()}', file=fh)
+ - name: Convert Arch to Log Format
+ id: convert_arch_hyphen
+ env:
+ ARCH_LIST: ${{ matrix.ArchList }}
+ shell: python
+ run: |
+ import os
+
+ with open(os.environ['GITHUB_OUTPUT'], 'a') as fh:
+ print(f'arch_list={os.environ["ARCH_LIST"].replace(",", "-")}', file=fh)
+
- name: Setup
if: steps.get_ci_file_operations.outputs.setup_supported == 'true'
run: stuart_setup -c .pytool/CISettings.py -t DEBUG -a ${{ matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
- name: Upload Setup Log As An Artifact
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: (success() || failure()) && steps.get_ci_file_operations.outputs.setup_supported == 'true'
with:
- name: ${{ matrix.Package }}-Logs
+ name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.outputs.arch_list }}-Setup-Log
path: |
**/SETUPLOG.txt
retention-days: 7
@@ -155,10 +166,10 @@ jobs:
run: stuart_ci_setup -c .pytool/CISettings.py -t DEBUG -a ${{ matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
- name: Upload CI Setup Log As An Artifact
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: (success() || failure()) && steps.get_ci_file_operations.outputs.ci_setup_supported == 'true'
with:
- name: ${{ matrix.Package }}-Logs
+ name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.outputs.arch_list }}-CI-Setup-Log
path: |
**/CISETUP.txt
retention-days: 7
@@ -168,10 +179,10 @@ jobs:
run: stuart_update -c .pytool/CISettings.py -t DEBUG -a ${{ matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
- name: Upload Update Log As An Artifact
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: success() || failure()
with:
- name: ${{ matrix.Package }}-Logs
+ name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.outputs.arch_list }}-Update-Log
path: |
**/UPDATE_LOG.txt
retention-days: 7
@@ -228,7 +239,7 @@ jobs:
- name: Attempt to Load CodeQL CLI From Cache
id: codeqlcli_cache
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ${{ steps.cache_key_gen.outputs.codeql_cli_ext_dep_dir }}
key: ${{ steps.cache_key_gen.outputs.codeql_cli_cache_key }}
@@ -284,10 +295,10 @@ jobs:
delete_dirs(build_path)
- name: Upload Build Logs As An Artifact
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: success() || failure()
with:
- name: ${{ matrix.Package }}-Logs
+ name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.outputs.arch_list }}-Build-Logs
path: |
**/BUILD_REPORT.TXT
**/OVERRIDELOG.TXT
@@ -329,10 +340,10 @@ jobs:
print(f'upload_sarif_file=false', file=fh)
- name: Upload CodeQL Results (SARIF) As An Artifact
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: steps.env_data.outputs.upload_sarif_file == 'true'
with:
- name: ${{ matrix.Package }}-CodeQL-SARIF
+ name: ${{ matrix.Package }}-${{ steps.convert_arch_hyphen.outputs.arch_list }}-CodeQL-SARIF
path: |
${{ steps.env_data.outputs.emacs_file_path }}
${{ steps.env_data.outputs.sarif_file_path }}
@@ -340,7 +351,7 @@ jobs:
if-no-files-found: warn
- name: Upload CodeQL Results (SARIF) To GitHub Code Scanning
- uses: github/codeql-action/upload-sarif@v2
+ uses: github/codeql-action/upload-sarif@v3
if: steps.env_data.outputs.upload_sarif_file == 'true'
with:
# Path to SARIF file relative to the root of the repository.
--
2.40.1.vfs.0.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116287): https://edk2.groups.io/g/devel/message/116287
Mute This Topic: https://groups.io/mt/104677087/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [edk2-devel] [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions being deprecated
2024-03-01 23:33 [edk2-devel] [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions being deprecated Michael Kubacki
@ 2024-03-02 1:28 ` Michael D Kinney
0 siblings, 0 replies; 2+ messages in thread
From: Michael D Kinney @ 2024-03-02 1:28 UTC (permalink / raw)
To: mikuback@linux.microsoft.com, devel@edk2.groups.io
Cc: Sean Brogan, Joey Vagedes, Kinney, Michael D
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
> -----Original Message-----
> From: mikuback@linux.microsoft.com <mikuback@linux.microsoft.com>
> Sent: Friday, March 1, 2024 3:33 PM
> To: devel@edk2.groups.io
> Cc: Sean Brogan <sean.brogan@microsoft.com>; Joey Vagedes
> <joey.vagedes@gmail.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Subject: [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions
> being deprecated
>
> From: Michael Kubacki <michael.kubacki@microsoft.com>
>
> Currently CodeQL runs have the following warnings:
>
> Node.js 16 actions are deprecated. Please update the following
> actions to use Node.js 20: actions/setup-python@v4,
> actions/upload-artifact@v3, actions/cache@v3. For more information
> see:
> https://github.blog/changelog/2023-09-22-github-actions-
> transitioning-from-node-16-to-node-20/.
>
> And:
>
> CodeQL Action v2 will be deprecated on December 5th, 2024. Please
> update all occurrences of the CodeQL Action in your workflow files
> to v3. For more information, see:
> https://github.blog/changelog/2024-01-12-code-scanning-deprecation-
> of-codeql-action-v2/
>
> The first is resolved by updating the actions to the latest versions
> that were released to use Node.js 20. The second is specifically
> referring to the codeql-action/upload-sarif action which is at v2.
>
> This change updates all of the actions to the latest releases to
> prevent deprecated versions from continuing to be used.
>
> ---
>
> The following breaking change was noted in actions/upload-artifact
> that caused some related changes in the workflow:
>
> "Due to how Artifacts are created in this new version, it is no
> longer possible to upload to the same named Artifact multiple
> times. You must either split the uploads into multiple Artifacts
> with different names, or only upload once. Otherwise you will
> encounter an error."
>
> This workflow depended on that behavior previously to append multiple
> logs (e.g. setup log, update log, build log) to the same named
> artifact (named per package). These were appended after each operation
> so they are readily available if the operation failed and no further
> actions are run.
>
> Now the artifacts must be unique in name. The hyphenation comes in
> because edk2 further builds some packages with both architectures in
> a single build vs separate builds (e.g. IA32 and X64 vs IA32,X64). To
> uniquely name artifacts resulting from those builds, the architecture
> is also placed in the artifact name. For builds with multiple
> architectures the artifact name captures each architecture separated
> by a hyphen.
>
> Cc: Sean Brogan <sean.brogan@microsoft.com>
> Cc: Joey Vagedes <joey.vagedes@gmail.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
> ---
>
> Notes:
> v2 Change:
>
> Add detailed explanation in the commit message about changes
> in the workflow file.
>
> .github/workflows/codeql.yml | 37 +++++++++++++-------
> 1 file changed, 24 insertions(+), 13 deletions(-)
>
> diff --git a/.github/workflows/codeql.yml
> b/.github/workflows/codeql.yml
> index c91e9d4dbeb3..e0c5f69f6cdf 100644
> --- a/.github/workflows/codeql.yml
> +++ b/.github/workflows/codeql.yml
> @@ -79,7 +79,7 @@ jobs:
> uses: actions/checkout@v4
>
> - name: Install Python
> - uses: actions/setup-python@v4
> + uses: actions/setup-python@v5
> with:
> python-version: '3.11'
> cache: 'pip'
> @@ -136,15 +136,26 @@ jobs:
>
> print(f'ci_setup_supported={str(ci_setup_supported).lower()}', file=fh)
> print(f'setup_supported={str(setup_supported).lower()}',
> file=fh)
>
> + - name: Convert Arch to Log Format
> + id: convert_arch_hyphen
> + env:
> + ARCH_LIST: ${{ matrix.ArchList }}
> + shell: python
> + run: |
> + import os
> +
> + with open(os.environ['GITHUB_OUTPUT'], 'a') as fh:
> + print(f'arch_list={os.environ["ARCH_LIST"].replace(",", "-
> ")}', file=fh)
> +
> - name: Setup
> if: steps.get_ci_file_operations.outputs.setup_supported ==
> 'true'
> run: stuart_setup -c .pytool/CISettings.py -t DEBUG -a ${{
> matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
>
> - name: Upload Setup Log As An Artifact
> - uses: actions/upload-artifact@v3
> + uses: actions/upload-artifact@v4
> if: (success() || failure()) &&
> steps.get_ci_file_operations.outputs.setup_supported == 'true'
> with:
> - name: ${{ matrix.Package }}-Logs
> + name: ${{ matrix.Package }}-${{
> steps.convert_arch_hyphen.outputs.arch_list }}-Setup-Log
> path: |
> **/SETUPLOG.txt
> retention-days: 7
> @@ -155,10 +166,10 @@ jobs:
> run: stuart_ci_setup -c .pytool/CISettings.py -t DEBUG -a ${{
> matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
>
> - name: Upload CI Setup Log As An Artifact
> - uses: actions/upload-artifact@v3
> + uses: actions/upload-artifact@v4
> if: (success() || failure()) &&
> steps.get_ci_file_operations.outputs.ci_setup_supported == 'true'
> with:
> - name: ${{ matrix.Package }}-Logs
> + name: ${{ matrix.Package }}-${{
> steps.convert_arch_hyphen.outputs.arch_list }}-CI-Setup-Log
> path: |
> **/CISETUP.txt
> retention-days: 7
> @@ -168,10 +179,10 @@ jobs:
> run: stuart_update -c .pytool/CISettings.py -t DEBUG -a ${{
> matrix.ArchList }} TOOL_CHAIN_TAG=VS2019
>
> - name: Upload Update Log As An Artifact
> - uses: actions/upload-artifact@v3
> + uses: actions/upload-artifact@v4
> if: success() || failure()
> with:
> - name: ${{ matrix.Package }}-Logs
> + name: ${{ matrix.Package }}-${{
> steps.convert_arch_hyphen.outputs.arch_list }}-Update-Log
> path: |
> **/UPDATE_LOG.txt
> retention-days: 7
> @@ -228,7 +239,7 @@ jobs:
>
> - name: Attempt to Load CodeQL CLI From Cache
> id: codeqlcli_cache
> - uses: actions/cache@v3
> + uses: actions/cache@v4
> with:
> path: ${{ steps.cache_key_gen.outputs.codeql_cli_ext_dep_dir
> }}
> key: ${{ steps.cache_key_gen.outputs.codeql_cli_cache_key }}
> @@ -284,10 +295,10 @@ jobs:
> delete_dirs(build_path)
>
> - name: Upload Build Logs As An Artifact
> - uses: actions/upload-artifact@v3
> + uses: actions/upload-artifact@v4
> if: success() || failure()
> with:
> - name: ${{ matrix.Package }}-Logs
> + name: ${{ matrix.Package }}-${{
> steps.convert_arch_hyphen.outputs.arch_list }}-Build-Logs
> path: |
> **/BUILD_REPORT.TXT
> **/OVERRIDELOG.TXT
> @@ -329,10 +340,10 @@ jobs:
> print(f'upload_sarif_file=false', file=fh)
>
> - name: Upload CodeQL Results (SARIF) As An Artifact
> - uses: actions/upload-artifact@v3
> + uses: actions/upload-artifact@v4
> if: steps.env_data.outputs.upload_sarif_file == 'true'
> with:
> - name: ${{ matrix.Package }}-CodeQL-SARIF
> + name: ${{ matrix.Package }}-${{
> steps.convert_arch_hyphen.outputs.arch_list }}-CodeQL-SARIF
> path: |
> ${{ steps.env_data.outputs.emacs_file_path }}
> ${{ steps.env_data.outputs.sarif_file_path }}
> @@ -340,7 +351,7 @@ jobs:
> if-no-files-found: warn
>
> - name: Upload CodeQL Results (SARIF) To GitHub Code Scanning
> - uses: github/codeql-action/upload-sarif@v2
> + uses: github/codeql-action/upload-sarif@v3
> if: steps.env_data.outputs.upload_sarif_file == 'true'
> with:
> # Path to SARIF file relative to the root of the repository.
> --
> 2.40.1.vfs.0.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116289): https://edk2.groups.io/g/devel/message/116289
Mute This Topic: https://groups.io/mt/104677087/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-03-02 1:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-01 23:33 [edk2-devel] [PATCH v2 1/1] .github/workflows/codeql.yml: Update actions being deprecated Michael Kubacki
2024-03-02 1:28 ` Michael D Kinney
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox