diff options
| author | Michael Kubacki <mikuback@microsoft.com> | 2023-10-13 21:56:53 -0400 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2023-11-07 03:19:26 +0000 |
| commit | a3e8efcc8efa87b3cafb5648e956b3396493fce1 (patch) | |
| tree | c34e95b47fd8a59a3374efe083eb1e839e25eae4 | |
| parent | 1384ce443ded4e75fce9c100a98ed0897619f098 (diff) | |
| download | edk2-a3e8efcc8efa87b3cafb5648e956b3396493fce1.tar.gz edk2-a3e8efcc8efa87b3cafb5648e956b3396493fce1.tar.bz2 edk2-a3e8efcc8efa87b3cafb5648e956b3396493fce1.zip | |
.pytool/CISettings: Enable CodeQL audit mode
Since a large number of CodeQL queries are being enabled to identify
issues that the community can collectively resolve, audit mode needs to
be enabled to prevent the build from failing.
In the future, this global audit mode can be disabled and individual
packages can enable/disable audit mode in their package CI YAML file
using the instructions in the CodeQL plugin readme.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
| -rw-r--r-- | .pytool/CISettings.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py index b8b8080439..ec3beb0dcf 100644 --- a/.pytool/CISettings.py +++ b/.pytool/CISettings.py @@ -196,6 +196,12 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag try:
scopes += codeql_helpers.get_scopes(self.codeql)
+
+ if self.codeql:
+ shell_environment.GetBuildVars().SetValue(
+ "STUART_CODEQL_AUDIT_ONLY",
+ "TRUE",
+ "Set in CISettings.py")
except NameError:
pass
|