diff --git a/.codeqlversion b/.codeqlversion new file mode 100644 index 00000000..0352eb17 --- /dev/null +++ b/.codeqlversion @@ -0,0 +1 @@ +2.20.1 \ No newline at end of file diff --git a/.github/actions/install-codeql/action.yml b/.github/actions/install-codeql/action.yml index 4820f129..19a3e1b0 100644 --- a/.github/actions/install-codeql/action.yml +++ b/.github/actions/install-codeql/action.yml @@ -1,14 +1,24 @@ name: Setup CodeQL CLI description: | Install a CodeQL CLI or re-use an existing one from the cache and it to the path. -inputs: + +outputs: codeql-cli-version: - description: | - The version of the CodeQL CLI to be downloaded. + description: "The version of the CodeQL CLI that was installed or retrieved from cache" + value: ${{ steps.codeql-version.outputs.codeql-cli-version }} runs: using: composite steps: + - name: "CodeQL Version" + id: codeql-version + shell: bash + run: | + echo "Reading CodeQL CLI version from .codeqlversion file." + CODEQL_CLI_VERSION=$(cat ./.codeqlversion) + echo "CODEQL_CLI_VERSION=${CODEQL_CLI_VERSION}" >> $GITHUB_ENV + echo "codeql-cli-version=${CODEQL_CLI_VERSION}" >> $GITHUB_OUTPUT + - name: Cache CodeQL id: cache-codeql uses: actions/cache@v4 @@ -16,16 +26,19 @@ runs: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home # An explicit key for restoring and saving the cache - key: codeql-home-${{ inputs.codeql-cli-version }} + key: codeql-home-${{ steps.codeql-version.outputs.codeql-cli-version }} - name: Install CodeQL + id: install-codeql if: steps.cache-codeql.outputs.cache-hit != 'true' shell: bash env: GITHUB_TOKEN: ${{ github.token }} CODEQL_HOME: ${{ github.workspace }}/codeql_home - CODEQL_CLI_VERSION: ${{ inputs.codeql-cli-version }} + CODEQL_CLI_VERSION: ${{ steps.codeql-version.outputs.codeql-cli-version }} run: | + echo "Installing CodeQL CLI v${CODEQL_CLI_VERSION}." + mkdir -p $CODEQL_HOME echo "Change directory to $CODEQL_HOME" pushd $CODEQL_HOME 
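Review bot: In `.github/actions/install-codeql/action.yml`, the new "CodeQL Version" step copies the contents of `.codeqlversion` into `$GITHUB_ENV` and `$GITHUB_OUTPUT` without checking them, so a file with an extra line or stray whitespace would define additional environment variables or outputs for every later step in the job. The same value feeds the cache key and the "Install CodeQL" step, so anything that is not a plain release version should be rejected before it is exported; the pattern below assumes only MAJOR.MINOR.PATCH values are expected. Quoting `"$GITHUB_ENV"` and `"$GITHUB_OUTPUT"` is a small hardening on the same lines. The step also relies on the caller having checked out the repository with its root as the working directory, which deserves a sentence in the action's `description`.

```yaml
      run: |
        # … unchanged: "Reading CodeQL CLI version" echo …
        CODEQL_CLI_VERSION=$(cat ./.codeqlversion)
        if [[ ! "${CODEQL_CLI_VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
          echo "::error::.codeqlversion does not contain a MAJOR.MINOR.PATCH version"
          exit 1
        fi
        echo "CODEQL_CLI_VERSION=${CODEQL_CLI_VERSION}" >> "$GITHUB_ENV"
        echo "codeql-cli-version=${CODEQL_CLI_VERSION}" >> "$GITHUB_OUTPUT"
```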
@@ -38,6 +51,7 @@ runs: popd echo "Done." + echo "codeql-cli-version=${CODEQL_CLI_VERSION}" >> $GITHUB_OUTPUT - name: Add CodeQL to the PATH shell: bash diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7e7dcd64..77145daf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,9 +5,6 @@ on: branches: [ main ] workflow_dispatch: -env: - CODEQL_CLI_VERSION: 2.20.1 - jobs: compile-and-test: runs-on: ubuntu-latest @@ -31,15 +28,14 @@ jobs: - name: Setup CodeQL if: steps.changes.outputs.src == 'true' + id: install-codeql uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Install Packs if: steps.changes.outputs.src == 'true' env: GITHUB_TOKEN: ${{ github.token }} - CODEQL_CLI_VERSION: ${{ env.CODEQL_CLI_VERSION }} + CODEQL_CLI_VERSION: ${{ steps.install-codeql.outputs.codeql-cli-version }} run: | gh repo clone github/codeql -- -b codeql-cli-${CODEQL_CLI_VERSION} # to make stubs available for tests codeql pack install "${{ matrix.language }}/lib" @@ -175,8 +171,6 @@ jobs: - name: Setup CodeQL if: steps.changes.outputs.src == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Install Packs if: steps.changes.outputs.src == 'true' @@ -210,8 +204,6 @@ jobs: - name: Setup CodeQL if: steps.changes.outputs.src == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Install CodeQL if: steps.changes.outputs.src == 'true' @@ -238,8 +230,6 @@ jobs: - name: Setup CodeQL if: steps.changes.outputs.src == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: "Check Configurations" if: steps.changes.outputs.src == 'true' @@ -247,5 +237,3 @@ jobs: GITHUB_TOKEN: ${{ github.token }} run: | ./.github/scripts/pr-configs.sh "${{ github.event.number }}" - - 
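Review bot: In `.github/actions/install-codeql/action.yml` (hunk at new line 51), the added `echo "codeql-cli-version=${CODEQL_CLI_VERSION}" >> $GITHUB_OUTPUT` sets an output on the `install-codeql` step that nothing visible in this commit reads. The action's declared output takes its value from `steps.codeql-version.outputs.codeql-cli-version` instead. Because the step is skipped when `steps.cache-codeql.outputs.cache-hit` is `'true'`, this output would be empty on every cache hit, so a later consumer wired to it could silently get an empty version. I would drop the line together with the `id: install-codeql` added in the previous hunk, or put a comment above it such as `# informational only; read the version from steps.codeql-version`. The step's `run` body starts outside this hunk.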
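Review bot: In `.github/workflows/ci.yml` (hunk at new line 28), `CODEQL_CLI_VERSION` in the "Install Packs" step now comes from the contents of `.codeqlversion` rather than a literal in the workflow, but the unchanged command still expands it unquoted in `-b codeql-cli-${CODEQL_CLI_VERSION}`. Whitespace in the file would be word-split into extra arguments after the `--`; quoting closes that: `gh repo clone github/codeql -- -b "codeql-cli-${CODEQL_CLI_VERSION}"`. Passing the value through `env:` rather than interpolating the expression into the script is the right pattern and should stay. The `run` block may continue past the end of the hunk.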
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0b4dd7e5..bdc0889e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -5,8 +5,6 @@ on: branches: [main] workflow_dispatch: -env: - CODEQL_CLI_VERSION: 2.20.1 jobs: queries: @@ -42,8 +40,6 @@ jobs: - name: Setup CodeQL if: steps.check_version.outputs.publish == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Publish codeql-LANG-queries (src) pack. if: steps.check_version.outputs.publish == 'true' @@ -87,8 +83,6 @@ jobs: - name: Setup CodeQL if: steps.check_version.outputs.publish == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Publish codeql-LANG-libs (lib) pack if: steps.check_version.outputs.publish == 'true' @@ -131,8 +125,6 @@ jobs: - name: Setup CodeQL if: steps.check_version.outputs.publish == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Publish codeql-LANG-extensions (ext) pack if: steps.check_version.outputs.publish == 'true' @@ -176,8 +168,6 @@ jobs: - name: Setup CodeQL if: steps.check_version.outputs.publish == 'true' uses: ./.github/actions/install-codeql - with: - codeql-cli-version: ${{ env.CODEQL_CLI_VERSION }} - name: Publish codeql-LANG-library-sources (ext-library-sources) pack if: steps.check_version.outputs.publish == 'true'