From nobody Sun Feb  8 03:11:38 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+109698+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+109698+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1697591121; cv=none;
	d=zohomail.com; s=zohoarc;
	b=DxvbdH+zBl+zjDh1ogYc9tz0PMOQzKW3EK0Tdzyu6bH1SdrWCtL8x4hpXSHi8Ysxfq1dL6P3AZ1oplrvh3IpiMeTIuBKUjuxKvIxS8/HyjusYuWGAvvRchlv4SywG4y961MQnvkQShEL1lx5mnCV91tcFw9gN/Ge3teeIeGcrNo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1697591121;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id;
	bh=NXaZYZ1e8xFIJa2xLX+hIvwkCKZgerMrnwpuTlujdQI=;
	b=CysSd6EduTKi8gz4/kUrmXv2+Cg24bWPMKPyjXJQG0lAfN9eRi4g80mpi6a+9Pov8aQClc+WoWZ8/0UY3YKdKZUQMWMMNU7Yr9DfARk5VzpJYFMmZhdnhJO1nXYS/7WAI3sSs/zaMBBJdcEHofROlyAIZgptCIDRmZsU0oEVkq8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+109698+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1697591121045259.4333362513887;
 Tue, 17 Oct 2023 18:05:21 -0700 (PDT)
Return-Path: <bounce+27952+109698+1787277+3901457@groups.io>
DKIM-Signature: a=rsa-sha256; bh=ozfmRod53fxBDN5Vn+sxx2uTIO72m0h856W9K0+a4x0=;
 c=relaxed/simple; d=groups.io;
 h=DKIM-Filter:From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1697591120; v=1;
 b=FRJjQwIjqXZgVaa0vnYbVWH3Cmzf2EGc2AETn8hvVGCIS4oEeL3dgX1O4l08T2j7QLyLldm/
 ZM2qbG2A6vAmOEsencZ4g06/0TZZ2mvGqeghpyLoyUV9BqI8jWrTWRHAnnaAFclVs6DpWcBnMld
 pizDqLYfQzlNEBO2oBz8CgbU=
X-Received: by 127.0.0.2 with SMTP id 08zcYY1788612xoOFG0aOwiQ;
 Tue, 17 Oct 2023 18:05:20 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.271881.1697591120206279469
 for <devel@edk2.groups.io>;
 Tue, 17 Oct 2023 18:05:20 -0700
X-Received: from localhost.localdomain (unknown [47.201.241.95])
	by linux.microsoft.com (Postfix) with ESMTPSA id 3E57520B74C0;
	Tue, 17 Oct 2023 18:05:19 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 3E57520B74C0
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH v3 4/7] .pytool/CISettings.py: Integrate CodeQL
Date: Tue, 17 Oct 2023 21:04:42 -0400
Message-ID: <20231018010445.528-5-mikuback@linux.microsoft.com>
In-Reply-To: <20231018010445.528-1-mikuback@linux.microsoft.com>
References: <20231018010445.528-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: 
 <https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076/plugh>
X-Gm-Message-State: ecNHGnyKA9y05lKlvS9bzaXtx1787277AA=
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1697591122496100003
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Adds the `--codeql` parameter to `stuart_update` and
`stuart_ci_build`.

- `stuart_update --codeql` - Downloads the CodeQL CLI locally. The
  command will pull the appropriate binary for the host OS.
- `stuart_ci_build --codeql` - Runs CodeQL during the build resulting
  in a CodeQL database and SARIF result file in the `Build`
  directory.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
 .pytool/CISettings.py | 30 ++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index c5803a877c36..b8b8080439c1 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -7,12 +7,27 @@
 ##
 import os
 import logging
+import sys
 from edk2toolext.environment import shell_environment
 from edk2toolext.invocables.edk2_ci_build import CiBuildSettingsManager
 from edk2toolext.invocables.edk2_setup import SetupSettingsManager, Requir=
edSubmodule
 from edk2toolext.invocables.edk2_update import UpdateSettingsManager
 from edk2toolext.invocables.edk2_pr_eval import PrEvalSettingsManager
 from edk2toollib.utility_functions import GetHostInfo
+from pathlib import Path
+
+
+try:
+    # Temporarily needed until edk2 can update to the latest edk2-pytools
+    # that has the CodeQL helpers.
+    #
+    # May not be present until submodules are populated.
+    #
+    root =3D Path(__file__).parent.parent.resolve()
+    sys.path.append(str(root/'BaseTools'/'Plugin'/'CodeQL'/'integration'))
+    import stuart_codeql as codeql_helpers
+except ImportError:
+    pass
=20
=20
 class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSetting=
sManager, PrEvalSettingsManager):
@@ -34,6 +49,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsMan=
ager, SetupSettingsManag
         group.add_argument("-force_piptools", "--fpt", dest=3D"force_pipto=
ols", action=3D"store_true", default=3DFalse, help=3D"Force the system to u=
se pip tools")
         group.add_argument("-no_piptools", "--npt", dest=3D"no_piptools", =
action=3D"store_true", default=3DFalse, help=3D"Force the system to not use=
 pip tools")
=20
+        try:
+            codeql_helpers.add_command_line_option(parserObj)
+        except NameError:
+            pass
+
     def RetrieveCommandLineOptions(self, args):
         super().RetrieveCommandLineOptions(args)
         if args.force_piptools:
@@ -41,6 +61,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsMan=
ager, SetupSettingsManag
         if args.no_piptools:
             self.UseBuiltInBaseTools =3D False
=20
+        try:
+            self.codeql =3D codeql_helpers.is_codeql_enabled_on_command_li=
ne(args)
+        except NameError:
+            pass
+
     # ####################################################################=
################### #
     #                        Default Support for this Ci Build            =
                    #
     # ####################################################################=
################### #
@@ -169,6 +194,11 @@ class Settings(CiBuildSettingsManager, UpdateSettingsM=
anager, SetupSettingsManag
             else:
                 logging.warning("Falling back to using in-tree BaseTools")
=20
+            try:
+                scopes +=3D codeql_helpers.get_scopes(self.codeql)
+            except NameError:
+                pass
+
             self.ActualScopes =3D scopes
         return self.ActualScopes
=20
--=20
2.42.0.windows.2



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109698): https://edk2.groups.io/g/devel/message/109698
Mute This Topic: https://groups.io/mt/102031059/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-