Skip to content

Commit

Permalink
Github actions updates (#139)
Browse files Browse the repository at this point in the history 
* Update build-codeql.yaml test codeql action

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml manual download

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml add back yest of build step

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml try all jobs

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml test all jobs

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml dvl tests

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Add files via upload

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Create readme

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* restructure

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* add test projects

* Update dvl_tests.ps1

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update dvl_tests.ps1

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update dvl_tests.ps1

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update dvl_tests.ps1

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update dvl_tests.ps1

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* update build_create_analyze_test.py to fail when different results are found

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* change when results get uploaded

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* fix exit code

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* update to use driver_snippet.c instead of other driver projects

* add template path variable

* fix path

* fix path

* test

* fix template path

* test

* update template project to have arm configuration

* fix msbuild command

* fix driver_snippet.c

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* print results location

* Update build-codeql.yaml

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

* fix sarif copy and compare sarif results

* add expected sarif results

* Delete src/drivers/test/dvl_tests/readme

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>

---------

Signed-off-by: Jacob Ronstadt <147542405+jacob-ronstadt@users.noreply.github.com>
  • Loading branch information
@jacob-ronstadt
jacob-ronstadt committed May 24, 2024
1 parent 35782fd commit a378744
Show file tree
Hide file tree
Showing 7 changed files with 1,442 additions and 202 deletions.
222 changes: 188 additions & 34 deletions .github/workflows/build-codeql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,11 @@ on:

# Allow manual scheduling
workflow_dispatch:

jobs:
build-publish:
build:
runs-on: windows-latest

permissions:
contents: read
packages: write
Expand All @@ -30,22 +31,58 @@ jobs:
path: .
fetch-depth: 0

- name: Download CodeQL CLI
uses: i3h/download-release-asset@v1.2.0
with:
owner: "github"
repo: "codeql-cli-binaries"
tag: "v2.15.4"
file: "codeql-win64.zip"
- name: CodeQL Download
run:
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
Move-Item -Path .\codeql-zip\codeql -Destination .\codeql-cli\

- name: Install CodeQL pack dependencies
shell: cmd
run: |
pushd .\src
..\codeql-cli\codeql.cmd pack install
popd
- name: codeql version test
run: .\codeql-cli\codeql.exe version

- name: Build must-fix driver suite
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only windows_mustfix_partial.qls

- name: Unzip CodeQL CLI
run: Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force
- name: Build recommended driver suite
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only windows_recommended_partial.qls

- name: Move CodeQL CLI folder to main subdirectory
- name: Build CA ported queries
shell: cmd
continue-on-error: true # Required because robocopy returns 1 on success
run: robocopy /S /move .\codeql-zip\codeql .\codeql-cli\

run: .\codeql-cli\codeql.cmd query compile --check-only ported_driver_ca_checks.qls

- name: Build all Windows queries
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only .\src

test-query-health:
runs-on: windows-latest
needs: build
permissions:
contents: read
packages: write
steps:
- name: Enable long git paths
shell: cmd
run: git config --global core.longpaths true
- name: Clone self (windows-driver-developer-supplemental-tools)
uses: actions/checkout@v4
with:
path: .
fetch-depth: 0
- name: CodeQL Download
run:
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
Move-Item -Path .\codeql-zip\codeql -Destination .\codeql-cli\
- name: Install CodeQL pack dependencies
shell: cmd
run: |
Expand All @@ -54,47 +91,94 @@ jobs:
popd
- name: codeql version test
run: .\codeql-cli\codeql.exe version

- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.11

- name: Install Python Packages
run: |
python -m pip install --upgrade pip
pip install -r .\src\drivers\test\requirements.txt
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v2

- name: Run test script
shell: pwsh
continue-on-error: true # Allow script to return non-zero exit code
env:
CONNECTION_STRING: ${{ secrets.CONNECTION_STRING }}
ACCOUNT_KEY: ${{ secrets.ACCOUNT_KEY }}
SHARE_NAME: ${{ secrets.SHARE_NAME }}
CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
ACCOUNT_NAME: ${{ secrets.ACCOUNT_NAME }}

run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" --container_name "$env:CONTAINER_NAME" --storage_account_key "$env:ACCOUNT_KEY" --storage_account_name "$env:ACCOUNT_NAME"
run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" --container_name "$env:CONTAINER_NAME"

- name: Build must-fix driver suite
test-codeql-latest-vs-current:
# Tests if the latest codeql version produces the same results as the current version.
runs-on: windows-latest
continue-on-error: true # Allow script to return non-zero exit code
needs: [build,test-query-health]
permissions:
contents: read
packages: write
steps:
- name: Enable long git paths
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only windows_mustfix_partial.qls
run: git config --global core.longpaths true

- name: Build recommended driver suite
- name: Clone self (windows-driver-developer-supplemental-tools)
uses: actions/checkout@v4
with:
path: .
fetch-depth: 0
- name: CodeQL Download
run:
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_LATEST_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
Move-Item -Path .\codeql-zip\codeql -Destination .\codeql-cli\
- name: Install CodeQL pack dependencies
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only windows_recommended_partial.qls

- name: Build CA ported queries
run: |
pushd .\src
..\codeql-cli\codeql.cmd pack install
popd
- name: codeql version test
run: .\codeql-cli\codeql.exe version
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install Python Packages
run: |
python -m pip install --upgrade pip
pip install -r .\src\drivers\test\requirements.txt
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v2
- name: Run test script
shell: pwsh
env:
CONNECTION_STRING: ${{ secrets.CONNECTION_STRING }}
ACCOUNT_KEY: ${{ secrets.ACCOUNT_KEY }}
SHARE_NAME: ${{ secrets.SHARE_NAME }}
CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
ACCOUNT_NAME: ${{ secrets.ACCOUNT_NAME }}
run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME"

test-pack-version-update:
runs-on: windows-latest
needs: build
permissions:
contents: read
packages: write
steps:
- name: Enable long git paths
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only ported_driver_ca_checks.qls
run: git config --global core.longpaths true

- name: Build all Windows queries
shell: cmd
run: .\codeql-cli\codeql.cmd query compile --check-only .\src

- name: Clone self (windows-driver-developer-supplemental-tools)
uses: actions/checkout@v4
with:
path: .
fetch-depth: 0

- name: Check for changes to qlpack
shell: pwsh
run:
Expand All @@ -118,16 +202,86 @@ jobs:
try{$old_qlpack_version = [version]($qlpack_changes -match "-version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
try{$new_qlpack_version = [version]($qlpack_changes -match "\+version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
if ($new_qlpack_version -gt $old_qlpack_version) { exit 0 } else { "qlpack.yml version not incremented"; exit 1 }

test-create-dvl:
runs-on: windows-latest
needs: build
permissions:
contents: read
packages: write
steps:
- name: Enable long git paths
shell: cmd
run: git config --global core.longpaths true

- name: Clone self (windows-driver-developer-supplemental-tools)
uses: actions/checkout@v4
with:
path: .
fetch-depth: 0

- name: CodeQL Download
run:
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
Move-Item -Path .\codeql-zip\codeql -Destination .\codeql-cli\

- name: Install CodeQL pack dependencies
shell: cmd
run: |
pushd .\src
..\codeql-cli\codeql.cmd pack install
popd
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v2

- name: Test DVL
run: src\drivers\test\dvl_tests\dvl_tests.ps1

- name: Archive code coverage results
uses: actions/upload-artifact@v4
with:
name: dvl-outputs
path: |
clean_results\*.*
mustfix_results\*.*
publish:
runs-on: windows-latest
needs: [build, test-pack-version-update, test-query-health]
permissions:
contents: read
packages: write
steps:
- name: Enable long git paths
shell: cmd
run: git config --global core.longpaths true

- name: Clone self (windows-driver-developer-supplemental-tools)
uses: actions/checkout@v4
with:
path: .
fetch-depth: 0

- name: CodeQL Download
run:
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
Move-Item -Path .\codeql-zip\codeql -Destination .\codeql-cli\

- name: Install CodeQL pack dependencies
shell: cmd
run: |
pushd .\src
..\codeql-cli\codeql.cmd pack install
popd
- name: Publish New CodeQL Pack
shell: pwsh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

run:
$build = git rev-parse --short HEAD;
$version =( Select-String .\src\qlpack.yml -Pattern "version").line;
$new_ver = "$version-alpha+$build";
(Get-Content .\src\qlpack.yml).Replace($version, $new_ver) | Set-Content .\src\qlpack.yml;
.\codeql-cli\codeql.cmd pack publish --allow-prerelease ./src;

15 changes: 11 additions & 4 deletions src/drivers/test/WDMTestTemplate/WDMTestTemplate.sln
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,25 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "fail_driver1", "driver\fail
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|ARM64 = Debug|ARM64
Debug|Win32 = Debug|Win32
Debug|x64 = Debug|x64
Release|ARM64 = Release|ARM64
Release|Win32 = Release|Win32
Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.ActiveCfg = Debug|Win32
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.Build.0 = Debug|Win32
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.ActiveCfg = Debug|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.Build.0 = Debug|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.Deploy.0 = Debug|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.ActiveCfg = Debug|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.Build.0 = Debug|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|x64.ActiveCfg = Debug|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|x64.Build.0 = Debug|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.ActiveCfg = Release|Win32
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.Build.0 = Release|Win32
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.ActiveCfg = Release|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.Build.0 = Release|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.Deploy.0 = Release|ARM64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.ActiveCfg = Release|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|x64.ActiveCfg = Release|x64
{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|x64.Build.0 = Release|x64
EndGlobalSection
Expand Down
Loading

0 comments on commit a378744

Please sign in to comment.