Update build-codeql.yaml try all jobs

Signed-off-by: Jacob Ronstadt <[email protected]>

.github/workflows/build-codeql.yaml

@@ -64,16 +64,109 @@ jobs:
     # - name: Build all Windows queries
     #   shell: cmd
     #   run: .\codeql-cli\codeql.cmd query compile --check-only .\src
-  test:
+  test-script:
     runs-on: windows-latest
     needs: build
     permissions:
       contents: read
       packages: write
     steps:
+    - name: Enable long git paths
+      shell: cmd
+      run: git config --global core.longpaths true
+
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
+
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ env.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
+
+    - name: Install CodeQL pack dependencies
+      shell: cmd
+      run: |
+        pushd .\src 
+        ..\codeql-cli\codeql.cmd pack install 
+        popd
     - name: codeql version test
       run: .\codeql-cli\codeql.exe version
-
 
-
+    - name: Setup Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.11
+
+    - name: Install Python Packages
+      run: |
+          python -m pip install --upgrade pip
+          pip install -r .\src\drivers\test\requirements.txt
+    - name: Add msbuild to PATH
+      uses: microsoft/setup-msbuild@v2
+
+    - name: Run test script
+      shell: pwsh
+      continue-on-error: true # Allow script to return non-zero exit code
+      env:
+        CONNECTION_STRING: ${{ secrets.CONNECTION_STRING }}
+        ACCOUNT_KEY: ${{ secrets.ACCOUNT_KEY }}
+        SHARE_NAME: ${{ secrets.SHARE_NAME }}
+        CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
+        ACCOUNT_NAME: ${{ secrets.ACCOUNT_NAME }}
+
+      run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" --container_name "$env:CONTAINER_NAME"  --storage_account_key "$env:ACCOUNT_KEY" --storage_account_name "$env:ACCOUNT_NAME" 
+
+  test-version-update:
+    runs-on: windows-latest
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Check for changes to qlpack
+      shell: pwsh
+      run: 
+        $qlpack_diff = git diff HEAD~1:src/qlpack.yml src/qlpack.yml;
+        $rec_diff = git diff HEAD~1:src/windows-driver-suites/windows_recommended_partial.qls src/windows-driver-suites/windows_recommended_partial.qls;
+        $mf_diff = git diff HEAD~1:src/windows-driver-suites/windows_mustfix_partial.qls src/windows-driver-suites/windows_mustfix_partial.qls;
+        if (!$qlpack_diff -and ($rec_diff -or $mf_diff)) { "Query suite file updated without updating qlpack version"; exit 1 }
+
+        $last_qlpack_commit = git log -n 1 --pretty=format:%H -- src/qlpack.yml;
+        $qlpack_changes =git show $last_qlpack_commit -- .\src\qlpack.yml;
+
+        $last_mf_commit = git log -n 1 --pretty=format:%H -- src/windows-driver-suites/windows_mustfix_partial.qls;
+        $last_rec_commit = git log -n 1 --pretty=format:%H -- src/windows-driver-suites/windows_recommended_partial.qls;
+        $commits_since_qlpack_change = [int](git rev-list --count HEAD...$last_qlpack_commit);
+        $commits_since_mf_change = [int](git rev-list --count HEAD...$last_mf_commit);
+        $commits_since_rec_change = [int](git rev-list --count HEAD...$last_rec_commit);
+
+        if ($commits_since_qlpack_change -gt $commits_since_mf_change) { "Mustfix query suite file modified without updating version"; exit 1 }; 
+        if ($commits_since_qlpack_change -gt $commits_since_rec_change) {"Recommended query suite file modified without updating version"; exit 1 };
+
+        try{$old_qlpack_version = [version]($qlpack_changes -match "-version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
+        try{$new_qlpack_version = [version]($qlpack_changes -match "\+version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
+        if ($new_qlpack_version -gt $old_qlpack_version) { exit 0 } else { "qlpack.yml version not incremented"; exit 1 }
+
+
+  publish:
+    runs-on: windows-latest
+    needs: [build, test-version-update,test-script]
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Publish New CodeQL Pack
+      shell: pwsh
+      env:
+        GITHUB_TOKEN:  ${{ secrets.GITHUB_TOKEN }}
 
+      run: 
+        $build = git rev-parse --short HEAD;
+        $version =( Select-String .\src\qlpack.yml -Pattern "version").line;
+        $new_ver = "$version-alpha+$build";
+        (Get-Content .\src\qlpack.yml).Replace($version, $new_ver) | Set-Content .\src\qlpack.yml;
+        .\codeql-cli\codeql.cmd pack publish --allow-prerelease ./src;