From fd619ec4608564fe6cf5ba8f9ae986206355861e Mon Sep 17 00:00:00 2001
From: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Date: Mon, 30 Sep 2024 06:50:13 +0000
Subject: BaseTools/CodeQl: Give preference to Plugin settings

For the CodeQl `AuditOnly` flag,
prioritize Plugin settings over global settings.

This patch adjusts the logic for the global `AuditOnly` setting,
placing it before the Plugin setting code.
This ensures that Plugin settings take precedence over global settings.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Joey Vagedes <joey.vagedes@gmail.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
---
 BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'BaseTools')

diff --git a/BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py b/BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py
index 9734478f8b..88a533cafe 100644
--- a/BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py
+++ b/BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py
@@ -3,6 +3,7 @@
 # A build plugin that analyzes a CodeQL database.
 #
 # Copyright (c) Microsoft Corporation. All rights reserved.
+# Copyright (C) 2024 Advanced Micro Devices, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 ##
 
@@ -78,6 +79,11 @@ class CodeQlAnalyzePlugin(IUefiBuildPlugin):
         # Packages are allowed to specify package-specific query specifiers
         # in the package CI YAML file that override the global query specifier.
         audit_only = False
+        global_audit_only = builder.env.GetValue("STUART_CODEQL_AUDIT_ONLY")
+        if global_audit_only:
+            if global_audit_only.strip().lower() == "true":
+                audit_only = True
+
         query_specifiers = None
         package_config_file = Path(os.path.join(
                                 self.package_path, self.package + ".ci.yaml"))
@@ -94,11 +100,6 @@ class CodeQlAnalyzePlugin(IUefiBuildPlugin):
                                       f"{str(package_config_file)}")
                         query_specifiers = plugin_data["QuerySpecifiers"]
 
-        global_audit_only = builder.env.GetValue("STUART_CODEQL_AUDIT_ONLY")
-        if global_audit_only:
-            if global_audit_only.strip().lower() == "true":
-                audit_only = True
-
         if audit_only:
             logging.info(f"CodeQL Analyze plugin is in audit only mode for "
                          f"{self.package} ({self.target}).")
-- 
cgit v1.2.3