[release/7.0] Add CodeQL3000 run to aspnetcore-ci-official #44717

Merged
merged 1 commit into from
Nov 4, 2022

Conversation

dougbu
Contributor

@dougbu dougbu commented Oct 24, 2022

  • backport of Add CodeQL3000 run to aspnetcore-ci-official #44688
  • add new schedule for a weekly run
  • add top-level parameter enabling CodeQL3000 in manual builds
  • add enableSBOM and variables parameters in default-build.yml
  • add a separate job w/ CodeQL3000 tasks included in build steps; run this job alone
    • use the new default-build.yml parameters
    • set $(UseSharedCompilation) to false to ease analysis
  • tag CodeQL3000 runs
  • add a tsaoptions.json file
    • cribbed values from our eng/sdl-tsa-vars.config file

nit: Unconditionally disable the auto-injected component governance build step

  • job.yml inserts the task where we need (unless overridden)

@dougbu dougbu added area-infrastructure Includes: MSBuild projects/targets, build scripts, CI, Installers and shared framework tell-mode Indicates a PR which is being merged during tell-mode labels Oct 24, 2022
@dougbu dougbu requested review from garath and a team October 24, 2022 21:24
@dougbu dougbu requested a review from wtgodbe as a code owner October 24, 2022 21:24
@ghost

ghost commented Oct 24, 2022

Hey @dotnet/aspnet-build, looks like this PR is something you want to take a look at.

@dougbu
Contributor Author

dougbu commented Oct 24, 2022

About the same as #44688 but release/6.0 had more leftover CG bits

- backport of #44688
- add new schedule for a weekly run
- add top-level parameter enabling CodeQL3000 in manual builds
- add `enableSBOM` and `variables` parameters in default-build.yml
- add a separate job w/ CodeQL3000 tasks included in build steps; run this job alone
  - use the new default-build.yml parameters
  - set `$(UseSharedCompilation)` to `false` to ease analysis
- add tag indicating CodeQL3000 tasks did useful work
  - ignore no-op task executions
- add a tsaoptions.json file
  - cribbed values from our eng/sdl-tsa-vars.config file

nit: Unconditionally disable the auto-injected component governance build step
- job.yml inserts the task where we need (unless overridden)
@dougbu dougbu force-pushed the dougbu/CodeQL3000/7.0 branch from 478adca to 5117682 Compare October 31, 2022 23:50
dougbu added a commit that referenced this pull request Nov 2, 2022
- backport of #44688, via #44717
- add new schedule for a weekly run
- add top-level parameter enabling CodeQL3000 in manual builds
- add `enableSBOM` and `variables` parameters in default-build.yml
- add a separate job w/ CodeQL3000 tasks included in build steps; run this job alone
  - use the new default-build.yml parameters
  - set `$(UseSharedCompilation)` to `false` to ease analysis
- add tag indicating CodeQL3000 tasks did useful work
  - ignore no-op task executions
- add a tsaoptions.json file
  - cribbed values from our eng/sdl-tsa-vars.config file

nit: Unconditionally disable the auto-injected component governance build step
- job.yml inserts the task where we need (unless overridden)
@dougbu dougbu merged commit 0bf66dc into dotnet:release/7.0 Nov 4, 2022
@dougbu dougbu deleted the dougbu/CodeQL3000/7.0 branch November 4, 2022 03:07
@dougbu dougbu added this to the 7.0.1 milestone Nov 8, 2022
dougbu added a commit that referenced this pull request Nov 9, 2022
* [release/2.1] Add CodeQL3000 run to aspnetcore-ci-official
- backport of #44688, via #44717 and #44719
  - update a bit less because we're not using Arcade here
- add new schedule for a weekly run
- add top-level parameter enabling CodeQL3000 in manual builds
- add a separate job w/ CodeQL3000 tasks included in build steps; run this job alone
  - set `$(UseSharedCompilation)` to `false` to ease analysis
  - extend timeout of CodeQL3000 job
- add tag indicating CodeQL3000 tasks did useful work
  - ignore no-op task executions
- add a tsaoptions.json file
  - cribbed values from our eng/sdl-tsa-vars.config file (in other branches)

* Remove flaky-on-Windows test
- `ClientAttemptingToUseUnsupportedProtocolIsLoggedAsDebug()` adds no value