Github actions updates (#139)

* Update build-codeql.yaml test codeql action Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml manual download Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml add back yest of build step Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml try all jobs Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml test all jobs Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml dvl tests Signed-off-by: Jacob Ronstadt <[email protected]> * Add files via upload Signed-off-by: Jacob Ronstadt <[email protected]> * Create readme Signed-off-by: Jacob Ronstadt <[email protected]> * restructure * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * add test projects * Update dvl_tests.ps1 Signed-off-by: Jacob Ronstadt <[email protected]> * Update dvl_tests.ps1 Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update dvl_tests.ps1 Signed-off-by: Jacob Ronstadt <[email protected]> * Update dvl_tests.ps1 Signed-off-by: Jacob Ronstadt <[email protected]> * Update dvl_tests.ps1 Signed-off-by: Jacob Ronstadt <[email protected]> * update build_create_analyze_test.py to fail when different results are found * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * change when results get uploaded * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * fix exit code * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * update to use driver_snippet.c instead of other driver projects * add template path variable * fix path * fix path * test * fix template path * test * update template project to have arm configuration * fix msbuild command * fix driver_snippet.c * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * print results location * Update build-codeql.yaml Signed-off-by: Jacob Ronstadt <[email protected]> * fix sarif copy and compare sarif results * add expected sarif results * Delete src/drivers/test/dvl_tests/readme Signed-off-by: Jacob Ronstadt <[email protected]> --------- Signed-off-by: Jacob Ronstadt <[email protected]>
microsoft · May 24, 2024 · a378744 · a378744
1 parent 35782fd
commit a378744
Show file tree

Hide file tree

Showing 7 changed files with 1,442 additions and 202 deletions.
diff --git a/.github/workflows/build-codeql.yaml b/.github/workflows/build-codeql.yaml
@@ -12,10 +12,11 @@ on:
 
   # Allow manual scheduling
   workflow_dispatch:
-
+  
 jobs:
-  build-publish:
+  build:
     runs-on: windows-latest
+
     permissions:
       contents: read
       packages: write
@@ -30,22 +31,58 @@ jobs:
         path: .
         fetch-depth: 0
 
-    - name: Download CodeQL CLI
-      uses: i3h/[email protected]
-      with:
-        owner: "github"
-        repo: "codeql-cli-binaries"
-        tag: "v2.15.4"
-        file: "codeql-win64.zip"
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
+
+    - name: Install CodeQL pack dependencies
+      shell: cmd
+      run: |
+        pushd .\src 
+        ..\codeql-cli\codeql.cmd pack install 
+        popd
+   
+    - name: codeql version test
+      run: .\codeql-cli\codeql.exe version
+
+    - name: Build must-fix driver suite
+      shell: cmd
+      run: .\codeql-cli\codeql.cmd query compile --check-only windows_mustfix_partial.qls
 
-    - name: Unzip CodeQL CLI
-      run: Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force
+    - name: Build recommended driver suite
+      shell: cmd
+      run: .\codeql-cli\codeql.cmd query compile --check-only windows_recommended_partial.qls
 
-    - name: Move CodeQL CLI folder to main subdirectory
+    - name: Build CA ported queries
       shell: cmd
-      continue-on-error: true # Required because robocopy returns 1 on success
-      run: robocopy /S /move .\codeql-zip\codeql .\codeql-cli\
-
+      run: .\codeql-cli\codeql.cmd query compile --check-only ported_driver_ca_checks.qls
+
+    - name: Build all Windows queries
+      shell: cmd
+      run: .\codeql-cli\codeql.cmd query compile --check-only .\src
+
+  test-query-health:
+    runs-on: windows-latest
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Enable long git paths
+      shell: cmd
+      run: git config --global core.longpaths true
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
     - name: Install CodeQL pack dependencies
       shell: cmd
       run: |
@@ -54,47 +91,94 @@ jobs:
         popd
     - name: codeql version test
       run: .\codeql-cli\codeql.exe version
-
     - name: Setup Python
       uses: actions/setup-python@v5
       with:
         python-version: 3.11
-
     - name: Install Python Packages
       run: |
           python -m pip install --upgrade pip
           pip install -r .\src\drivers\test\requirements.txt
     - name: Add msbuild to PATH
       uses: microsoft/setup-msbuild@v2
-
     - name: Run test script
       shell: pwsh
-      continue-on-error: true # Allow script to return non-zero exit code
       env:
         CONNECTION_STRING: ${{ secrets.CONNECTION_STRING }}
         ACCOUNT_KEY: ${{ secrets.ACCOUNT_KEY }}
         SHARE_NAME: ${{ secrets.SHARE_NAME }}
         CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
         ACCOUNT_NAME: ${{ secrets.ACCOUNT_NAME }}
-
-      run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" --container_name "$env:CONTAINER_NAME"  --storage_account_key "$env:ACCOUNT_KEY" --storage_account_name "$env:ACCOUNT_NAME" 
+      run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" --container_name "$env:CONTAINER_NAME"
 
-    - name: Build must-fix driver suite
+  test-codeql-latest-vs-current:
+  # Tests if the latest codeql version produces the same results as the current version. 
+    runs-on: windows-latest
+    continue-on-error: true # Allow script to return non-zero exit code
+    needs: [build,test-query-health]
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Enable long git paths
       shell: cmd
-      run: .\codeql-cli\codeql.cmd query compile --check-only windows_mustfix_partial.qls
+      run: git config --global core.longpaths true
 
-    - name: Build recommended driver suite
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_LATEST_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
+    - name: Install CodeQL pack dependencies
       shell: cmd
-      run: .\codeql-cli\codeql.cmd query compile --check-only windows_recommended_partial.qls
-
-    - name: Build CA ported queries
+      run: |
+        pushd .\src 
+        ..\codeql-cli\codeql.cmd pack install 
+        popd
+    - name: codeql version test
+      run: .\codeql-cli\codeql.exe version
+    - name: Setup Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.11
+    - name: Install Python Packages
+      run: |
+          python -m pip install --upgrade pip
+          pip install -r .\src\drivers\test\requirements.txt
+    - name: Add msbuild to PATH
+      uses: microsoft/setup-msbuild@v2
+    - name: Run test script
+      shell: pwsh
+      env:
+        CONNECTION_STRING: ${{ secrets.CONNECTION_STRING }}
+        ACCOUNT_KEY: ${{ secrets.ACCOUNT_KEY }}
+        SHARE_NAME: ${{ secrets.SHARE_NAME }}
+        CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }}
+        ACCOUNT_NAME: ${{ secrets.ACCOUNT_NAME }}
+      run: python src\drivers\test\build_create_analyze_test.py --codeql_path .\codeql-cli\codeql.exe --no_build --compare_results --connection_string "$env:CONNECTION_STRING" --share_name "$env:SHARE_NAME" 
+
+  test-pack-version-update:
+    runs-on: windows-latest
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Enable long git paths
       shell: cmd
-      run: .\codeql-cli\codeql.cmd query compile --check-only ported_driver_ca_checks.qls
+      run: git config --global core.longpaths true
 
-    - name: Build all Windows queries
-      shell: cmd
-      run: .\codeql-cli\codeql.cmd query compile --check-only .\src
-
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
+
     - name: Check for changes to qlpack
       shell: pwsh
       run: 
@@ -118,16 +202,86 @@ jobs:
         try{$old_qlpack_version = [version]($qlpack_changes -match "-version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
         try{$new_qlpack_version = [version]($qlpack_changes -match "\+version").Substring(10);} catch {"Changed qlpack.yml without updating version"; exit 1 }
         if ($new_qlpack_version -gt $old_qlpack_version) { exit 0 } else { "qlpack.yml version not incremented"; exit 1 }
+
+  test-create-dvl:
+    runs-on: windows-latest
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Enable long git paths
+      shell: cmd
+      run: git config --global core.longpaths true
+
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
+
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
+
+    - name: Install CodeQL pack dependencies
+      shell: cmd
+      run: |
+        pushd .\src 
+        ..\codeql-cli\codeql.cmd pack install 
+        popd
+    - name: Add msbuild to PATH
+      uses: microsoft/setup-msbuild@v2
+
+    - name: Test DVL
+      run: src\drivers\test\dvl_tests\dvl_tests.ps1
+
+    - name: Archive code coverage results
+      uses: actions/upload-artifact@v4
+      with:
+        name: dvl-outputs
+        path: |
+          clean_results\*.*
+          mustfix_results\*.*
+        
+  publish:
+    runs-on: windows-latest
+    needs: [build, test-pack-version-update, test-query-health]
+    permissions:
+      contents: read
+      packages: write
+    steps:
+    - name: Enable long git paths
+      shell: cmd
+      run: git config --global core.longpaths true
+
+    - name: Clone self (windows-driver-developer-supplemental-tools)
+      uses: actions/checkout@v4
+      with:
+        path: .
+        fetch-depth: 0
 
+    - name: CodeQL Download
+      run:  
+        Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v${{ vars.CODEQL_VERSION }}/codeql-win64.zip" -OutFile codeql-win64.zip;
+        Expand-Archive -Path codeql-win64.zip -DestinationPath .\codeql-zip -Force;
+        Move-Item -Path  .\codeql-zip\codeql -Destination .\codeql-cli\
+
+    - name: Install CodeQL pack dependencies
+      shell: cmd
+      run: |
+        pushd .\src 
+        ..\codeql-cli\codeql.cmd pack install 
+        popd
     - name: Publish New CodeQL Pack
       shell: pwsh
       env:
         GITHUB_TOKEN:  ${{ secrets.GITHUB_TOKEN }}
-
       run: 
         $build = git rev-parse --short HEAD;
         $version =( Select-String .\src\qlpack.yml -Pattern "version").line;
         $new_ver = "$version-alpha+$build";
         (Get-Content .\src\qlpack.yml).Replace($version, $new_ver) | Set-Content .\src\qlpack.yml;
         .\codeql-cli\codeql.cmd pack publish --allow-prerelease ./src;
-
diff --git a/src/drivers/test/WDMTestTemplate/WDMTestTemplate.sln b/src/drivers/test/WDMTestTemplate/WDMTestTemplate.sln
@@ -7,18 +7,25 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "fail_driver1", "driver\fail
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|ARM64 = Debug|ARM64
 		Debug|Win32 = Debug|Win32
 		Debug|x64 = Debug|x64
+		Release|ARM64 = Release|ARM64
 		Release|Win32 = Release|Win32
 		Release|x64 = Release|x64
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.ActiveCfg = Debug|Win32
-		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.Build.0 = Debug|Win32
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.ActiveCfg = Debug|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.Build.0 = Debug|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|ARM64.Deploy.0 = Debug|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.ActiveCfg = Debug|x64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|Win32.Build.0 = Debug|x64
 		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|x64.ActiveCfg = Debug|x64
 		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Debug|x64.Build.0 = Debug|x64
-		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.ActiveCfg = Release|Win32
-		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.Build.0 = Release|Win32
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.ActiveCfg = Release|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.Build.0 = Release|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|ARM64.Deploy.0 = Release|ARM64
+		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|Win32.ActiveCfg = Release|x64
 		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|x64.ActiveCfg = Release|x64
 		{7F88D5C5-F05F-4817-89F5-C811053277A0}.Release|x64.Build.0 = Release|x64
 	EndGlobalSection