[CI-NO-BUILD] [build] Introduce CodeQL Management Framework #1287
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Introduced managed CodeQL binary, package cache and test suite versioning control. If the CodeQL binary is detected at CODEQL_BIN a CodeQL build commences, otherwise it is skipped (unchanged behaviour). The package cache versions are set in the :config_ql_whcp function (new). Test suite versioning is via git hash of the WDK Developer Supplemental Tools repository (new, depends on git). The versions are determined by the value of the WHCP_LEVEL variable, which can be either WHCP_LEGACY or WHCP_24H2. Provision for future WHCP versions is templated as WHCP_NEXT. 2. Introduced environment variable SKIP_SDV_ACTUAL to skip Static Driver Verifier (SDV) during analysis builds. CodeQL, Code Analysis (CA) and DVL operations are still executed. Default is to perform the SDV build (unchanged behaviour). 3. Introduced environment variable CODEQL_OFFLINE_ONLY to perform binary, package cache and suite version checking but NOT download any needed updates. Exits on error expecting resolution. Requires git. 4. Introduced environment variable CODEQL_RUN_BLIND to retain legacy behaviour and perform no binary, package cache or suite version checking. It presumes the prerequisites are present. Removes git dependency. 5. Make actual SDV build conditional (perform for Win10_SDV only) 6. Uses built-in tools available from WIN10_RS3: curl to download the CodeQL archive and and Powershell to extract it Split from PR virtio-win#1212. Signed-off-by: benyamin-codez <115509179+benyamin-codez@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
CODEQL_BINa CodeQL build commences, otherwise it is skipped (unchanged behaviour).:config_ql_whcpfunction (new). Test suite versioning is via git hash of theWDK Developer Supplemental Toolsrepository (new, depends ongit). The versions are determined by the value of theWHCP_LEVELvariable, which can be eitherWHCP_LEGACYorWHCP_24H2. Provision for future WHCP versions is templated asWHCP_NEXT.SKIP_SDV_ACTUALto skip Static Driver Verifier (SDV) during analysis builds. CodeQL, Code Analysis (CA) and DVL operations are still executed. Default is to perform the SDV build (unchanged behaviour).CODEQL_OFFLINE_ONLYto perform binary, package cache and suite version checking but NOT download any needed updates. Exits on error expecting resolution. Requiresgit.CODEQL_RUN_BLINDto retain legacy behaviour and perform no binary, package cache or suite version checking. It presumes the prerequisites are present. Removesgitdependency.Win10_SDVonly)(a)
curlto download the CodeQL archive; and(b)
Powershellto extract it.Split from PR #1212.