From 847934078c9165cf92ff9cab5d7c1df601722bec Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 12 Aug 2022 20:51:59 +0200 Subject: [PATCH 1/5] update the version of codeql-action used by QL-for-QL --- .github/workflows/ql-for-ql-build.yml | 6 +++--- .github/workflows/ql-for-ql-dataset_measure.yml | 2 +- .github/workflows/ql-for-ql-tests.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 7c3b8ccb78c7..9a5bcbba78fb 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -17,7 +17,7 @@ jobs: - uses: actions/checkout@v3 - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca with: languages: javascript # does not matter - name: Get CodeQL version @@ -158,14 +158,14 @@ jobs: env: CONF: ./ql-for-ql-config.yml - name: Initialize CodeQL - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca with: languages: ql db-location: ${{ runner.temp }}/db config-file: ./ql-for-ql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/analyze@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca with: category: "ql-for-ql" - name: Copy sarif file to CWD diff --git a/.github/workflows/ql-for-ql-dataset_measure.yml b/.github/workflows/ql-for-ql-dataset_measure.yml index a5ed2e9b2665..f53c6a996f04 100644 --- a/.github/workflows/ql-for-ql-dataset_measure.yml +++ b/.github/workflows/ql-for-ql-dataset_measure.yml @@ -25,7 +25,7 @@ jobs: - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca with: languages: javascript # does not matter - uses: actions/cache@v3 diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index b016f21f2b95..c68df2bfa287 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v3 - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca with: languages: javascript # does not matter - uses: actions/cache@v3 From 427a6078438ad6f2633250718299f561a76496b6 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 15 Aug 2022 08:03:39 +0200 Subject: [PATCH 2/5] point codeql-action to the local QL-for-QL queries --- .github/workflows/ql-for-ql-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 9a5bcbba78fb..68049603f4a9 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -151,8 +151,8 @@ jobs: echo " - ql/ql/test" >> ${CONF} echo " - \"*/ql/lib/upgrades/\"" >> ${CONF} echo "disable-default-queries: true" >> ${CONF} - echo "packs:" >> ${CONF} - echo " - codeql/ql" >> ${CONF} + echo "queries:" >> ${CONF} + echo " - uses: ./ql/ql/src/codeql-suites/ql-code-scanning.qls" >> ${CONF} echo "Config file: " cat ${CONF} env: From ae0813045140b003868e8ee61991d1134b07f39b Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 15 Aug 2022 22:42:31 +0200 Subject: [PATCH 3/5] more threads --- .github/workflows/ql-for-ql-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 68049603f4a9..e790afe960b2 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -37,7 +37,7 @@ jobs: if: steps.cache-queries.outputs.cache-hit != 'true' run: | cd ql/ql/src - "${CODEQL}" pack create + "${CODEQL}" pack create -j 16 cd .codeql/pack/codeql/ql/0.0.0 zip "${PACKZIP}" -r . rm -rf * From d38d810677d1b427d57c84ecb6d31ea56ff132b6 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 15 Aug 2022 22:42:40 +0200 Subject: [PATCH 4/5] include the workflow in the cache key --- .github/workflows/ql-for-ql-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index e790afe960b2..6517923ef7ba 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -32,7 +32,7 @@ jobs: uses: actions/cache@v3 with: path: ${{ runner.temp }}/query-pack.zip - key: queries-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }} + key: queries-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }}--${{ hashFiles('.github/workflows/ql-for-ql-build.yml') }} - name: Build query pack if: steps.cache-queries.outputs.cache-hit != 'true' run: | From b3adb62adbd7135747269308d5cbdd9f0675f312 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 15 Aug 2022 22:42:51 +0200 Subject: [PATCH 5/5] move the pack cache to where it's read --- .github/workflows/ql-for-ql-build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 6517923ef7ba..da0666c1a1e8 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -163,6 +163,11 @@ jobs: languages: ql db-location: ${{ runner.temp }}/db config-file: ./ql-for-ql-config.yml + - name: Move pack cache + run: | + cp -r ${PACK}/.cache ql/ql/src/.cache + env: + PACK: ${{ runner.temp }}/pack - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca