From 267020e748f7d435f078eb65faaa234744ff4811 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 00:30:00 -0800 Subject: [PATCH 01/12] Add CodeQL --- .github/workflows/codeql.yml | 56 ++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 .github/workflows/codeql.yml
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000..6db4d138
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,56 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ branches: [ "master" ]
+ workflow_dispatch:
+ inputs:
+ appVersion:
+ description: 'FModel Version And Release Tag'
+ required: false
+ default: '4.4.X.X'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: 'windows-latest'
+ timeout-minutes: 360
+ permissions:
+ security-events: write
+ actions: read
+ contents: read
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'csharp' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ submodules: 'true'
+
+ - name: Fetch Submodules Recursively
+ run: git submodule update --init --recursive
+
+ - name: .NET 6 Setup
+ uses: actions/setup-dotnet@v2
+ with:
+ dotnet-version: '6.0.x'
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
From 1c7281233dc8e4b60e97aac72d541d29b60ad4a9 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 02:14:04 -0800 Subject: [PATCH 02/12] Update codeql.yml --- .github/workflows/codeql.yml | 98 ++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 43 deletions(-) 
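Review bot: Every `uses:` line in the new `analyze` job references a mutable tag (`actions/checkout@v4`, `actions/setup-dotnet@v2`, `github/codeql-action/*@v3`), so the code that runs with `security-events: write` can change without any commit to this repository; pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, makes every update a reviewable change. The `appVersion` input under `workflow_dispatch` is not read by any step in this file and looks left over from another workflow, so it can be dropped. `submodules: 'true'` followed by a separate `git submodule update --init --recursive` step can be collapsed into `submodules: recursive` on the checkout step.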
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6db4d138..34739dd7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -1,56 +1,68 @@ name: "CodeQL" on: - push: - branches: [ "master" ] - pull_request: - branches: [ "master" ] workflow_dispatch: inputs: - appVersion: - description: 'FModel Version And Release Tag' - required: false - default: '4.4.X.X' + dotnetVersion: + description: 'Override .NET Version (Default: 6.0.x, 7.0.x, 8.0.x)' + required: false + default: '' + latestOnly: + description: 'Scan with only the latest Windows runner (true/false)' + required: false + default: 'false' jobs: - analyze: - name: Analyze - runs-on: 'windows-latest' - timeout-minutes: 360 - permissions: - security-events: write - actions: read - contents: read + setup_matrix: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - id: set-matrix + run: | + echo "::set-output name=matrix::${{ toJson({ + include: [ + { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-2019' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '6.0.x' }} }, + { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-latest' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '7.0.x' }} }, + { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-latest' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '8.0.x' }} } + ] + })}}" + analyze: + needs: setup_matrix + runs-on: ${{ matrix.os }} strategy: fail-fast: false - matrix: - language: [ 'csharp' ] - + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - submodules: 'true' + - name: Check out repository code + - uses: actions/checkout@v4 - - name: Fetch Submodules Recursively - run: git submodule update --init --recursive + - name: .NET Setup + uses: actions/setup-dotnet@v4 + with: + dotnet-version: ${{ matrix.dotnet-version }} - - name: .NET 6 Setup - uses: actions/setup-dotnet@v2 - with: - dotnet-version: '6.0.x' - - # Initializes 
the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: 'true' + + - name: Fetch Submodules Recursively + run: git submodule update --init --recursive + + - name: .NET Setup + uses: actions/setup-dotnet@v4 + with: + dotnet-version: ${{ matrix.dotnet-version }} + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: 'csharp' + + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 From 442056a12f79d26fd0db1ced9d5a486e24160d10 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 02:47:48 -0800 Subject: [PATCH 03/12] Update codeql.yml --- .github/workflows/codeql.yml | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 34739dd7..98df02a8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
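Review bot: The rewritten `analyze` job no longer carries the `permissions:` block (`security-events: write`, `actions: read`, `contents: read`) that the previous version had, so both jobs now run with whatever default `GITHUB_TOKEN` scope the repository is configured with; restoring the block on `analyze` and setting `permissions: {}` on `setup_matrix` keeps the token at least privilege and does not depend on repository settings for the SARIF upload. The same gap remains when the hunk in PATCH 09/12 brings back the `push` and `pull_request` triggers. In `setup_matrix`, the `run:` line also pastes `github.event.inputs.*` directly into the shell command and uses the deprecated `::set-output` workflow command; passing the inputs through `env:` and appending the JSON to `$GITHUB_OUTPUT` avoids both.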
@@ -20,14 +20,27 @@ jobs: steps: - id: set-matrix run: | - echo "::set-output name=matrix::${{ toJson({ - include: [ - { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-2019' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '6.0.x' }} }, - { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-latest' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '7.0.x' }} }, - { os: '${{ github.event.inputs.latestOnly == 'true' && 'windows-latest' || 'windows-latest' }}', dotnet-version: ${{ github.event.inputs.dotnetVersion || '8.0.x' }} } + MATRIX_JSON=$(cat < Date: Sat, 24 Feb 2024 02:50:44 -0800 Subject: [PATCH 04/12] Update codeql.yml --- .github/workflows/codeql.yml | 37 +++++++++++++++--------------------- 1 file changed, 15 insertions(+), 22 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 98df02a8..a24ac452 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -19,28 +19,21 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - id: set-matrix - run: | - MATRIX_JSON=$(cat < Date: Sat, 24 Feb 2024 02:55:13 -0800 Subject: [PATCH 05/12] Update codeql.yml --- .github/workflows/codeql.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a24ac452..fe6cc9d1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -16,15 +16,16 @@ jobs: setup_matrix: runs-on: ubuntu-latest outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} + matrix: ${{ steps.set-matrix.outputs.result }} steps: - id: set-matrix uses: actions/github-script@v7 with: + result-encoding: string script: | - const dotnetVersion = '${{ github.event.inputs.dotnetVersion }}'; const latestOnly = ${{ github.event.inputs.latestOnly }} == 'true'; const osVersion = latestOnly ? 'windows-latest' : 'windows-2019'; + const dotnetVersion = ${{ github.event.inputs.dotnetVersion }}; const matrix = { include: [ { os: osVersion, dotnet-version: dotnetVersion || '6.0.x' }, @@ -32,7 +33,7 @@ jobs: { os: 'windows-latest', dotnet-version: dotnetVersion || '8.0.x' } ] }; - core.setOutput('matrix', JSON.stringify(matrix)); + return JSON.stringify(matrix); analyze: needs: setup_matrix From 19c33a7b0204445491d6329d5478f60653f19bd8 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:00:12 -0800 Subject: [PATCH 06/12] Update codeql.yml --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fe6cc9d1..0a6ac3de 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -19,7 +19,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.result }} steps: - id: set-matrix - uses: actions/github-script@v7 + - uses: actions/github-script@v7 with: result-encoding: string script: | From d30581f502086f5eca0c7adc658af7e215c836c0 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:02:41 -0800 Subject: [PATCH 07/12] Update codeql.yml --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0a6ac3de..60f87b9e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
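Review bot: The two `${{ github.event.inputs.* }}` expressions in the `script:` block are substituted into the JavaScript source before it runs, so the input text is parsed as code; with the declared default of `''` for `dotnetVersion` the line renders as `const dotnetVersion = ;` and the step cannot parse. Wrapping the expression in double quotes, as the later hunks in PATCH 10/12 and 12/12 do, removes the parse error but a quote character in the input still ends the string literal. Passing the inputs through the step's `env:` and reading them from `process.env` keeps them as data, and `===` avoids the loose comparison. The `script:` body continues past the end of this hunk.

```yaml
      - id: set-matrix
        uses: actions/github-script@v7
        env:
          LATEST_ONLY: ${{ github.event.inputs.latestOnly }}
          DOTNET_VERSION: ${{ github.event.inputs.dotnetVersion }}
        with:
          result-encoding: string
          script: |
            const latestOnly = process.env.LATEST_ONLY === 'true';
            const dotnetVersion = process.env.DOTNET_VERSION;
            // … unchanged: osVersion selection, matrix construction and return …
```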
@@ -18,8 +18,8 @@ jobs: outputs: matrix: ${{ steps.set-matrix.outputs.result }} steps: - - id: set-matrix - uses: actions/github-script@v7 + id: set-matrix with: result-encoding: string script: | From 3f06aeb5b2359065dced7b64e3c1a820f3bc9b2f Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:05:06 -0800 Subject: [PATCH 08/12] Update codeql.yml --- .github/workflows/codeql.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 60f87b9e..c4d8c37c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -42,14 +42,6 @@ jobs: fail-fast: false matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} steps: - - name: Check out repository code - - uses: actions/checkout@v4 - - - name: .NET Setup - uses: actions/setup-dotnet@v4 - with: - dotnet-version: ${{ matrix.dotnet-version }} - - name: Checkout repository uses: actions/checkout@v4 with: From 7405ceea720b29e309b6317e11a1b5278756afd9 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:07:31 -0800 Subject: [PATCH 09/12] Update codeql.yml --- .github/workflows/codeql.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c4d8c37c..bbda0114 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,6 +1,10 @@ name: "CodeQL" on: + push: + branches: [ "master" ] + pull_request: + branches: [ "master" ] workflow_dispatch: inputs: dotnetVersion: From f15a81c03e39432ffd1c3befc70b883861ed888d Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:08:54 -0800 Subject: [PATCH 10/12] Update codeql.yml --- .github/workflows/codeql.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bbda0114..2a05be63 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -27,9 +27,9 @@ jobs: with: result-encoding: string script: | - const latestOnly = ${{ github.event.inputs.latestOnly }} == 'true'; + const latestOnly = "${{ github.event.inputs.latestOnly }}" == 'true'; const osVersion = latestOnly ? 'windows-latest' : 'windows-2019'; - const dotnetVersion = ${{ github.event.inputs.dotnetVersion }}; + const dotnetVersion = "${{ github.event.inputs.dotnetVersion }}"; const matrix = { include: [ { os: osVersion, dotnet-version: dotnetVersion || '6.0.x' }, @@ -38,6 +38,7 @@ jobs: ] }; return JSON.stringify(matrix); + analyze: needs: setup_matrix From d931c114f299ea2fc041c553f7504cd70ccb4269 Mon Sep 17 00:00:00 2001 From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:11:48 -0800 Subject: [PATCH 11/12] Update codeql.yml --- .github/workflows/codeql.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2a05be63..458d46f4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,13 +32,14 @@ jobs: const dotnetVersion = "${{ github.event.inputs.dotnetVersion }}"; const matrix = { include: [ - { os: osVersion, dotnet-version: dotnetVersion || '6.0.x' }, - { os: 'windows-latest', dotnet-version: dotnetVersion || '7.0.x' }, - { os: 'windows-latest', dotnet-version: dotnetVersion || '8.0.x' } + { os: osVersion, 'dotnet-version': dotnetVersion || '6.0.x' }, + { os: 'windows-latest', 'dotnet-version': dotnetVersion || '7.0.x' }, + { os: 'windows-latest', 'dotnet-version': dotnetVersion || '8.0.x' } ] }; return JSON.stringify(matrix); + analyze: needs: setup_matrix From 6fb0e5fc8ebd7e66dd748a00a4f6158b812685c0 Mon Sep 17 00:00:00 2001 
From: DJ Magar <85457381+DJStompZone@users.noreply.github.com> Date: Sat, 24 Feb 2024 03:15:26 -0800 Subject: [PATCH 12/12] Update codeql.yml --- .github/workflows/codeql.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 458d46f4..036ab524 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,18 +28,18 @@ jobs: result-encoding: string script: | const latestOnly = "${{ github.event.inputs.latestOnly }}" == 'true'; - const osVersion = latestOnly ? 'windows-latest' : 'windows-2019'; - const dotnetVersion = "${{ github.event.inputs.dotnetVersion }}"; - const matrix = { - include: [ - { os: osVersion, 'dotnet-version': dotnetVersion || '6.0.x' }, - { os: 'windows-latest', 'dotnet-version': dotnetVersion || '7.0.x' }, - { os: 'windows-latest', 'dotnet-version': dotnetVersion || '8.0.x' } - ] - }; + const dotnetVersions = ["6.0.x", "7.0.x", "8.0.x"]; + const osVersions = latestOnly ? ['windows-latest'] : ['windows-2019', 'windows-latest']; + const matrix = { include: [] }; + for (const osVersion of osVersions) { + for (const dotnetVersion of dotnetVersions) { + matrix.include.push({ os: osVersion, 'dotnet-version': dotnetVersion }); + } + } return JSON.stringify(matrix); + analyze: needs: setup_matrix
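Review bot: After this hunk nothing in the script reads `github.event.inputs.dotnetVersion`, so the `dotnetVersion` override that `workflow_dispatch` declares (no hunk in this series removes it) is silently ignored and every run scans the three hard-coded versions. Either drop the input or honour it, e.g. `const dotnetVersions = process.env.DOTNET_VERSION ? [process.env.DOTNET_VERSION] : ["6.0.x", "7.0.x", "8.0.x"];` with `DOTNET_VERSION: ${{ github.event.inputs.dotnetVersion }}` under the step's `env:`. The nested loops also produce six analysis jobs (three when `latestOnly` is true) on every `push` and `pull_request` to `master`, which is worth confirming as intended. The `script:` block starts above this hunk and the `analyze` job continues below it.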