[edk2-devel] [PATCH v4 4/8] .pytool/CISettings.py: Integrate CodeQL

Thu, 02 Nov 2023 13:03:50 -0700 

From: Michael Kubacki <michael.kuba...@microsoft.com>

Adds the `--codeql` parameter to `stuart_update` and
`stuart_ci_build`.

- `stuart_update --codeql` - Downloads the CodeQL CLI locally. The
  command will pull the appropriate binary for the host OS.
- `stuart_ci_build --codeql` - Runs CodeQL during the build resulting
  in a CodeQL database and SARIF result file in the `Build`
  directory.

Cc: Sean Brogan <sean.bro...@microsoft.com>
Cc: Michael D Kinney <michael.d.kin...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kuba...@microsoft.com>
Acked-by: Michael D Kinney <michael.d.kin...@intel.com>
---
 .pytool/CISettings.py | 30 ++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index c5803a877c36..b8b8080439c1 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -7,12 +7,27 @@
 ##
 import os
 import logging
+import sys
 from edk2toolext.environment import shell_environment
 from edk2toolext.invocables.edk2_ci_build import CiBuildSettingsManager
 from edk2toolext.invocables.edk2_setup import SetupSettingsManager, 
RequiredSubmodule
 from edk2toolext.invocables.edk2_update import UpdateSettingsManager
 from edk2toolext.invocables.edk2_pr_eval import PrEvalSettingsManager
 from edk2toollib.utility_functions import GetHostInfo
+from pathlib import Path
+
+
+try:
+    # Temporarily needed until edk2 can update to the latest edk2-pytools
+    # that has the CodeQL helpers.
+    #
+    # May not be present until submodules are populated.
+    #
+    root = Path(__file__).parent.parent.resolve()
+    sys.path.append(str(root/'BaseTools'/'Plugin'/'CodeQL'/'integration'))
+    import stuart_codeql as codeql_helpers
+except ImportError:
+    pass
 
 
 class Settings(CiBuildSettingsManager, UpdateSettingsManager, 
SetupSettingsManager, PrEvalSettingsManager):
@@ -34,6 +49,11 @@ class Settings(CiBuildSettingsManager, 
UpdateSettingsManager, SetupSettingsManag
         group.add_argument("-force_piptools", "--fpt", dest="force_piptools", 
action="store_true", default=False, help="Force the system to use pip tools")
         group.add_argument("-no_piptools", "--npt", dest="no_piptools", 
action="store_true", default=False, help="Force the system to not use pip 
tools")
 
+        try:
+            codeql_helpers.add_command_line_option(parserObj)
+        except NameError:
+            pass
+
     def RetrieveCommandLineOptions(self, args):
         super().RetrieveCommandLineOptions(args)
         if args.force_piptools:
@@ -41,6 +61,11 @@ class Settings(CiBuildSettingsManager, 
UpdateSettingsManager, SetupSettingsManag
         if args.no_piptools:
             self.UseBuiltInBaseTools = False
 
+        try:
+            self.codeql = 
codeql_helpers.is_codeql_enabled_on_command_line(args)
+        except NameError:
+            pass
+
     # 
#######################################################################################
 #
     #                        Default Support for this Ci Build                 
               #
     # 
#######################################################################################
 #
@@ -169,6 +194,11 @@ class Settings(CiBuildSettingsManager, 
UpdateSettingsManager, SetupSettingsManag
             else:
                 logging.warning("Falling back to using in-tree BaseTools")
 
+            try:
+                scopes += codeql_helpers.get_scopes(self.codeql)
+            except NameError:
+                pass
+
             self.ActualScopes = scopes
         return self.ActualScopes
 
-- 
2.42.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110569): https://edk2.groups.io/g/devel/message/110569
Mute This Topic: https://groups.io/mt/102350793/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to