From 09c1604fae551c86a2a4b4686075b14956c293ea Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 24 Mar 2025 08:37:33 -0400 Subject: [PATCH 1/7] Update references to org and version - s/0.3.0/0.2.1/ - s/kraiouchkine/advanced-security/ --- .github/actions/install-qlt-local/action.yml | 2 +- .github/workflows/internal-build-release-linux64.yml | 2 +- .github/workflows/internal-build-release-macos64.yml | 2 +- .github/workflows/internal-build-release-win64.yml | 2 +- developer_guide.md | 4 ++-- scripts/build_codeql_bundle_dist.ps1 | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/actions/install-qlt-local/action.yml b/.github/actions/install-qlt-local/action.yml index 1fbcfde..38443ee 100644 --- a/.github/actions/install-qlt-local/action.yml +++ b/.github/actions/install-qlt-local/action.yml @@ -60,7 +60,7 @@ runs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.3.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-linux64.yml b/.github/workflows/internal-build-release-linux64.yml index 5a9dc7b..0104752 100644 --- a/.github/workflows/internal-build-release-linux64.yml +++ b/.github/workflows/internal-build-release-linux64.yml @@ -50,7 +50,7 @@ jobs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.3.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-macos64.yml b/.github/workflows/internal-build-release-macos64.yml index 5f63213..e4772de 100644 --- a/.github/workflows/internal-build-release-macos64.yml +++ b/.github/workflows/internal-build-release-macos64.yml @@ -48,7 +48,7 @@ jobs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.3.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/macos-arm64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/macos-arm64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-win64.yml b/.github/workflows/internal-build-release-win64.yml index 58f73b6..ba719c6 100644 --- a/.github/workflows/internal-build-release-win64.yml +++ b/.github/workflows/internal-build-release-win64.yml @@ -45,7 +45,7 @@ jobs: pip install -U pyinstaller # run the packaging - .\scripts\build_codeql_bundle_dist.ps1 -Version 0.3.0 -WorkDirectory dist -DestinationDirectory .\src\CodeQLToolkit.Core\bin\Release\net6.0\publish\windows-x64\tools\ + .\scripts\build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory .\src\CodeQLToolkit.Core\bin\Release\net6.0\publish\windows-x64\tools\ env: GH_TOKEN: ${{ github.token }} diff --git a/developer_guide.md b/developer_guide.md index 674d4bd..c83d7b3 100644 --- a/developer_guide.md +++ b/developer_guide.md @@ -15,7 +15,7 @@ Note that we keep recent copies of tools (for local debugging purposes) in the ` **CodeQL Bundle** ``` -./scripts/build_codeql_bundle_dist.ps1 -Version 0.3.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Debug/net6.0/tools +./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Debug/net6.0/tools ``` @@ -47,4 +47,4 @@ namespace CodeQLToolkit.Features.Test.Lifecycle.Targets.Actions } } } -``` \ No newline at end of file +``` diff --git a/scripts/build_codeql_bundle_dist.ps1 b/scripts/build_codeql_bundle_dist.ps1 index 1e9547e..a3956d0 100644 --- a/scripts/build_codeql_bundle_dist.ps1 +++ b/scripts/build_codeql_bundle_dist.ps1 @@ -20,7 +20,7 @@ if (-not (Test-Path $DestinationDirectory)) { } # download a copy of the release from GitHub -gh release download "v$Version" --repo https://github.com/kraiouchkine/codeql-bundle -D $WorkDirectory -A zip +gh release download "v$Version" --repo https://github.com/advanced-security/codeql-bundle -D $WorkDirectory -A zip # extract the zip file Expand-Archive -Path "$WorkDirectory\codeql-bundle-$Version.zip" -DestinationPath $WorkDirectory From b69b53fc6c678481d5d0f879149ef73ea612f4a7 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 24 Mar 2025 08:44:20 -0400 Subject: [PATCH 2/7] Bump version of `actions/upload-artifact` from v2 to v3 --- .../workflows/internal-pr-bundle-integration-test-cpp.yml | 6 +++--- .github/workflows/run-bundle-integration-tests-cpp.yml | 4 ++-- .github/workflows/run-codeql-unit-tests-cpp.yml | 2 +- .../Bundle/Actions/run-bundle-integration-tests.liquid | 4 ++-- .../Templates/Test/Actions/run-unit-tests.liquid | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml index d78b7ee..085868c 100644 --- a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml +++ b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml @@ -85,7 +85,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: actual.sarif path: | @@ -93,7 +93,7 @@ jobs: if-no-files-found: error - name: Upload Bundles - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: codeql-bundles path: | @@ -107,4 +107,4 @@ jobs: shell: bash run: | # Compare the expected vs the actual - qlt bundle run validate-integration-tests --expected example/integration-tests/cpp/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/cpp.sarif \ No newline at end of file + qlt bundle run validate-integration-tests --expected example/integration-tests/cpp/expected.sarif --actual ${{ steps.analysis.outputs.sarif-output }}/cpp.sarif diff --git a/.github/workflows/run-bundle-integration-tests-cpp.yml b/.github/workflows/run-bundle-integration-tests-cpp.yml index f3569c6..7a58eaa 100644 --- a/.github/workflows/run-bundle-integration-tests-cpp.yml +++ b/.github/workflows/run-bundle-integration-tests-cpp.yml @@ -65,7 +65,7 @@ jobs: ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ - name: Upload Bundles - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: codeql-bundles path: | @@ -102,7 +102,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: actual.sarif path: | diff --git a/.github/workflows/run-codeql-unit-tests-cpp.yml b/.github/workflows/run-codeql-unit-tests-cpp.yml index b197884..d6406a6 100644 --- a/.github/workflows/run-codeql-unit-tests-cpp.yml +++ b/.github/workflows/run-codeql-unit-tests-cpp.yml @@ -106,7 +106,7 @@ jobs: - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | diff --git a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid index 280c848..18a1afb 100644 --- a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid +++ b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid @@ -86,7 +86,7 @@ jobs: ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ - name: Upload Bundles - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: codeql-bundles path: | @@ -130,7 +130,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: actual.sarif path: | diff --git a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid index 08ceffe..0d5d177 100644 --- a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid +++ b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid @@ -137,7 +137,7 @@ jobs: {% endif %} {% raw %} - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | From 5520835c95cb0bc2762f8db0da6ec33cc0bc528a Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 24 Mar 2025 08:47:05 -0400 Subject: [PATCH 3/7] Bump version of `actions/upload-artifact` from v3 to v4 --- .github/workflows/internal-build-release-linux64.yml | 2 +- .github/workflows/internal-build-release-macos64.yml | 2 +- .github/workflows/internal-build-release-win64.yml | 2 +- .github/workflows/internal-pr-build-linux.yml | 2 +- .github/workflows/internal-pr-bundle-integration-test-cpp.yml | 4 ++-- .github/workflows/run-bundle-integration-tests-cpp.yml | 4 ++-- .github/workflows/run-codeql-unit-tests-cpp.yml | 2 +- .../Bundle/Actions/run-bundle-integration-tests.liquid | 4 ++-- .../Templates/Test/Actions/run-unit-tests.liquid | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/internal-build-release-linux64.yml b/.github/workflows/internal-build-release-linux64.yml index 0104752..5b2b085 100644 --- a/.github/workflows/internal-build-release-linux64.yml +++ b/.github/workflows/internal-build-release-linux64.yml @@ -69,7 +69,7 @@ jobs: - name: Upload build artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: qlt-dist path: qlt*.zip diff --git a/.github/workflows/internal-build-release-macos64.yml b/.github/workflows/internal-build-release-macos64.yml index e4772de..45e3f56 100644 --- a/.github/workflows/internal-build-release-macos64.yml +++ b/.github/workflows/internal-build-release-macos64.yml @@ -65,7 +65,7 @@ jobs: popd - name: Upload build artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: qlt-dist path: qlt*.zip diff --git a/.github/workflows/internal-build-release-win64.yml b/.github/workflows/internal-build-release-win64.yml index ba719c6..414d8d2 100644 --- a/.github/workflows/internal-build-release-win64.yml +++ b/.github/workflows/internal-build-release-win64.yml @@ -59,7 +59,7 @@ jobs: Pop-Location - name: Upload build artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: qlt-dist path: qlt*.zip diff --git a/.github/workflows/internal-pr-build-linux.yml b/.github/workflows/internal-pr-build-linux.yml index 96df3ce..d0b917a 100644 --- a/.github/workflows/internal-pr-build-linux.yml +++ b/.github/workflows/internal-pr-build-linux.yml @@ -33,7 +33,7 @@ jobs: Compress-Archive -Path .\src\CodeQLToolkit.Core\bin\Release\net6.0\publish\linux-x64\* -DestinationPath qlt-linux-x86_64.zip - name: Upload build artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: qlt-dist path: qlt*.zip diff --git a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml index 085868c..f732af3 100644 --- a/.github/workflows/internal-pr-bundle-integration-test-cpp.yml +++ b/.github/workflows/internal-pr-bundle-integration-test-cpp.yml @@ -85,7 +85,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: actual.sarif path: | @@ -93,7 +93,7 @@ jobs: if-no-files-found: error - name: Upload Bundles - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: codeql-bundles path: | diff --git a/.github/workflows/run-bundle-integration-tests-cpp.yml b/.github/workflows/run-bundle-integration-tests-cpp.yml index 7a58eaa..6e051a6 100644 --- a/.github/workflows/run-bundle-integration-tests-cpp.yml +++ b/.github/workflows/run-bundle-integration-tests-cpp.yml @@ -65,7 +65,7 @@ jobs: ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ - name: Upload Bundles - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: codeql-bundles path: | @@ -102,7 +102,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: actual.sarif path: | diff --git a/.github/workflows/run-codeql-unit-tests-cpp.yml b/.github/workflows/run-codeql-unit-tests-cpp.yml index d6406a6..fb17623 100644 --- a/.github/workflows/run-codeql-unit-tests-cpp.yml +++ b/.github/workflows/run-codeql-unit-tests-cpp.yml @@ -106,7 +106,7 @@ jobs: - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | diff --git a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid index 18a1afb..fd2c109 100644 --- a/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid +++ b/src/CodeQLToolkit.Features/Templates/Bundle/Actions/run-bundle-integration-tests.liquid @@ -86,7 +86,7 @@ jobs: ls -l ${{ env.QLT_CODEQL_HOME }}/../out/ - name: Upload Bundles - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: codeql-bundles path: | @@ -130,7 +130,7 @@ jobs: ls -l ${{ steps.analysis.outputs.sarif-output }} - name: Upload SARIF Results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: actual.sarif path: | diff --git a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid index 0d5d177..e678dec 100644 --- a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid +++ b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid @@ -137,7 +137,7 @@ jobs: {% endif %} {% raw %} - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | From 0bf9ce309dfaf592284b293156e8cae9f45a2063 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 24 Mar 2025 10:42:55 -0400 Subject: [PATCH 4/7] Change refs of 0.2.1 to 0.4.0 --- .github/actions/install-qlt-local/action.yml | 2 +- .github/workflows/internal-build-release-linux64.yml | 2 +- .github/workflows/internal-build-release-macos64.yml | 2 +- .github/workflows/internal-build-release-win64.yml | 2 +- developer_guide.md | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/install-qlt-local/action.yml b/.github/actions/install-qlt-local/action.yml index 38443ee..15865d3 100644 --- a/.github/actions/install-qlt-local/action.yml +++ b/.github/actions/install-qlt-local/action.yml @@ -60,7 +60,7 @@ runs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.4.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-linux64.yml b/.github/workflows/internal-build-release-linux64.yml index 5b2b085..b109012 100644 --- a/.github/workflows/internal-build-release-linux64.yml +++ b/.github/workflows/internal-build-release-linux64.yml @@ -50,7 +50,7 @@ jobs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.4.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/linux-x64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-macos64.yml b/.github/workflows/internal-build-release-macos64.yml index 45e3f56..8442a97 100644 --- a/.github/workflows/internal-build-release-macos64.yml +++ b/.github/workflows/internal-build-release-macos64.yml @@ -48,7 +48,7 @@ jobs: pip install -U pyinstaller # run the packaging - ./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/macos-arm64/tools/ + ./scripts/build_codeql_bundle_dist.ps1 -Version 0.4.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Release/net6.0/publish/macos-arm64/tools/ env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/internal-build-release-win64.yml b/.github/workflows/internal-build-release-win64.yml index 414d8d2..e3f8d7d 100644 --- a/.github/workflows/internal-build-release-win64.yml +++ b/.github/workflows/internal-build-release-win64.yml @@ -45,7 +45,7 @@ jobs: pip install -U pyinstaller # run the packaging - .\scripts\build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory .\src\CodeQLToolkit.Core\bin\Release\net6.0\publish\windows-x64\tools\ + .\scripts\build_codeql_bundle_dist.ps1 -Version 0.4.0 -WorkDirectory dist -DestinationDirectory .\src\CodeQLToolkit.Core\bin\Release\net6.0\publish\windows-x64\tools\ env: GH_TOKEN: ${{ github.token }} diff --git a/developer_guide.md b/developer_guide.md index c83d7b3..fd6ed9d 100644 --- a/developer_guide.md +++ b/developer_guide.md @@ -15,7 +15,7 @@ Note that we keep recent copies of tools (for local debugging purposes) in the ` **CodeQL Bundle** ``` -./scripts/build_codeql_bundle_dist.ps1 -Version 0.2.1 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Debug/net6.0/tools +./scripts/build_codeql_bundle_dist.ps1 -Version 0.4.0 -WorkDirectory dist -DestinationDirectory ./src/CodeQLToolkit.Core/bin/Debug/net6.0/tools ``` From 54aa84c80c21853ee643c128f18e2ab15764d1f6 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 26 Mar 2025 11:39:59 +0100 Subject: [PATCH 5/7] Bump download-artifact@v2 to @v4 and format. --- .github/workflows/run-codeql-unit-tests-cpp.yml | 2 +- .../Templates/Test/Actions/run-unit-tests.liquid | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run-codeql-unit-tests-cpp.yml b/.github/workflows/run-codeql-unit-tests-cpp.yml index fb17623..6d493df 100644 --- a/.github/workflows/run-codeql-unit-tests-cpp.yml +++ b/.github/workflows/run-codeql-unit-tests-cpp.yml @@ -132,7 +132,7 @@ jobs: - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 - name: Validate test results run: | diff --git a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid index e678dec..ab6a936 100644 --- a/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid +++ b/src/CodeQLToolkit.Features/Templates/Test/Actions/run-unit-tests.liquid @@ -170,7 +170,7 @@ jobs: {% endif %} {% raw %} - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 - name: Validate test results run: | From 08686c985b185fd3b569bbec75b6fb12645ad10b Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 26 Mar 2025 12:14:37 +0100 Subject: [PATCH 6/7] Use poetry-plugin-export instead of export --- scripts/build_codeql_bundle_dist.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/build_codeql_bundle_dist.ps1 b/scripts/build_codeql_bundle_dist.ps1 index a3956d0..3dc92e9 100644 --- a/scripts/build_codeql_bundle_dist.ps1 +++ b/scripts/build_codeql_bundle_dist.ps1 @@ -32,6 +32,7 @@ Push-Location $ArchiveDirectory # at this point python should already be installed as well as poetry # export the requirements +poetry self add poetry-plugin-export poetry export -f requirements.txt > requirements.txt # install the requirements From 0512ddc1c5a590ebb241d53e6eeefce7dda32f71 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 26 Mar 2025 12:45:20 +0100 Subject: [PATCH 7/7] Add error checks to build_codeql_bundle_dist --- scripts/build_codeql_bundle_dist.ps1 | 57 ++++++++++++++++++---------- 1 file changed, 36 insertions(+), 21 deletions(-) diff --git a/scripts/build_codeql_bundle_dist.ps1 b/scripts/build_codeql_bundle_dist.ps1 index 3dc92e9..72beab8 100644 --- a/scripts/build_codeql_bundle_dist.ps1 +++ b/scripts/build_codeql_bundle_dist.ps1 @@ -1,16 +1,17 @@ param( [Parameter(Mandatory = $true)] - [string] - $Version, + [string] $Version, + [Parameter(Mandatory = $true)] - [string] - $WorkDirectory, + [string] $WorkDirectory, [Parameter(Mandatory = $true)] - [string] - $DestinationDirectory + [string] $DestinationDirectory ) +# Fail on any built-in command failure +$ErrorActionPreference = "Stop" + if (-not (Test-Path $WorkDirectory)) { New-Item -ItemType Directory -Path $WorkDirectory | Out-Null } @@ -19,33 +20,50 @@ if (-not (Test-Path $DestinationDirectory)) { New-Item -ItemType Directory -Path $DestinationDirectory | Out-Null } -# download a copy of the release from GitHub -gh release download "v$Version" --repo https://github.com/advanced-security/codeql-bundle -D $WorkDirectory -A zip +# Download a copy of the release from GitHub +gh release download "v$Version" --repo https://github.com/advanced-security/codeql-bundle -D $WorkDirectory -A zip +if ($LASTEXITCODE -ne 0) { + throw "Failed to download release from GitHub (gh)" +} -# extract the zip file +# Extract the zip file Expand-Archive -Path "$WorkDirectory\codeql-bundle-$Version.zip" -DestinationPath $WorkDirectory -# creates a directory named `codeql-bundle-` +# Create path to archive directory (named codeql-bundle-) $ArchiveDirectory = Join-Path $WorkDirectory "codeql-bundle-$Version" Push-Location $ArchiveDirectory -# at this point python should already be installed as well as poetry -# export the requirements +# Export the requirements using poetry poetry self add poetry-plugin-export -poetry export -f requirements.txt > requirements.txt +if ($LASTEXITCODE -ne 0) { + throw "Failed to add poetry-plugin-export" +} + +poetry export -f requirements.txt --output requirements.txt +if ($LASTEXITCODE -ne 0) { + throw "Failed to export requirements using poetry" +} -# install the requirements +# Install the requirements using pip pip install -r requirements.txt +if ($LASTEXITCODE -ne 0) { + throw "Failed to install requirements using pip" +} +# Move into the cli directory Push-Location "codeql_bundle" -# pyinstaller should also be installed +# Build executable with pyinstaller pyinstaller -F -n codeql_bundle cli.py +if ($LASTEXITCODE -ne 0) { + throw "PyInstaller build failed" +} -Pop-Location -Pop-Location +Pop-Location +Pop-Location +# Determine built output binary path if ($IsWindows) { $OutputFile = Join-Path $ArchiveDirectory "codeql_bundle" "dist" "codeql_bundle.exe" } @@ -53,8 +71,5 @@ else { $OutputFile = Join-Path $ArchiveDirectory "codeql_bundle" "dist" "codeql_bundle" } - -# this will output the binary in the `dist` directory - we should copy that binary the toplevel directory. +# Copy the binary to the destination directory Copy-Item -Path $OutputFile -Destination $DestinationDirectory - -