From 86580935123bddbef16228b86c99ab91333c8b3c Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Tue, 28 Mar 2023 18:57:30 +0100 Subject: [PATCH] Update CodeQL releases used in PR checks --- .github/setup-swift/action.yml | 18 +++++++-- .github/workflows/__analyze-ref-input.yml | 35 ++++++++-------- .github/workflows/__go-custom-queries.yml | 35 ++++++++-------- .../workflows/__go-tracing-autobuilder.yml | 25 ++++++------ .../__go-tracing-custom-build-steps.yml | 25 ++++++------ .../__go-tracing-legacy-workflow.yml | 25 ++++++------ .github/workflows/__ml-powered-queries.yml | 37 +++++++++++------ .../workflows/__multi-language-autodetect.yml | 25 ++++++------ .github/workflows/__remote-config.yml | 35 ++++++++-------- .github/workflows/__unset-environment.yml | 15 +++---- .github/workflows/__upload-ref-sha-input.yml | 35 ++++++++-------- .github/workflows/__with-checkout-path.yml | 35 ++++++++-------- .github/workflows/debug-artifacts.yml | 31 +++++++------- pr-checks/checks/ml-powered-queries.yml | 11 +---- pr-checks/sync.py | 40 ++++--------------- 15 files changed, 208 insertions(+), 219 deletions(-) diff --git a/.github/setup-swift/action.yml b/.github/setup-swift/action.yml index c0230a9fb6..ab9e528ce1 100644 --- a/.github/setup-swift/action.yml +++ b/.github/setup-swift/action.yml @@ -6,10 +6,22 @@ inputs: runs: using: "composite" steps: + - name: Set Swift enabled environment variable + # We don't support Swift on Windows or prior versions of CLI. + if: >- + runner.os != 'Windows' && ( + matrix.version == '20220908' || + matrix.version == '20221211' || + matrix.version == 'cached' || + matrix.version == 'latest' || + matrix.version == 'nightly-latest' + ) + shell: bash + run: echo "CODEQL_ACTION_PR_CHECKS_SWIFT_ENABLED=true" >> $GITHUB_ENV + - name: Get Swift version id: get_swift_version - # We don't support Swift on Windows or prior versions of CLI. - if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')" + if: env.CODEQL_ACTION_PR_CHECKS_SWIFT_ENABLED == 'true' shell: bash env: CODEQL_PATH: ${{inputs.codeql-path}} @@ -27,6 +39,6 @@ runs: fi echo "version=$VERSION" | tee -a $GITHUB_OUTPUT - uses: swift-actions/setup-swift@da0e3e04b5e3e15dbc3861bd835ad9f0afe56296 # Please update the corresponding SHA in the CLI's CodeQL Action Integration Test. - if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')" + if: env.CODEQL_ACTION_PR_CHECKS_SWIFT_ENABLED == 'true' with: swift-version: "${{steps.get_swift_version.outputs.version}}" diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index cff1b5307f..fb1798037c 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -25,24 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: windows-2019 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 - os: windows-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -72,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: tools: ${{ steps.prepare-test.outputs.tools-url }} diff --git a/.github/workflows/__go-custom-queries.yml b/.github/workflows/__go-custom-queries.yml index 3093f38aa2..e42ba25a1a 100644 --- a/.github/workflows/__go-custom-queries.yml +++ b/.github/workflows/__go-custom-queries.yml @@ -25,24 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: windows-2019 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 - os: windows-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -72,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: languages: go diff --git a/.github/workflows/__go-tracing-autobuilder.yml b/.github/workflows/__go-tracing-autobuilder.yml index 3110cad8ee..18e95a3c1e 100644 --- a/.github/workflows/__go-tracing-autobuilder.yml +++ b/.github/workflows/__go-tracing-autobuilder.yml @@ -25,18 +25,22 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -60,11 +64,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: languages: go diff --git a/.github/workflows/__go-tracing-custom-build-steps.yml b/.github/workflows/__go-tracing-custom-build-steps.yml index b9f4933ddb..37b165ac75 100644 --- a/.github/workflows/__go-tracing-custom-build-steps.yml +++ b/.github/workflows/__go-tracing-custom-build-steps.yml @@ -25,18 +25,22 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -60,11 +64,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: languages: go diff --git a/.github/workflows/__go-tracing-legacy-workflow.yml b/.github/workflows/__go-tracing-legacy-workflow.yml index 05f98e4a18..6b95b512cd 100644 --- a/.github/workflows/__go-tracing-legacy-workflow.yml +++ b/.github/workflows/__go-tracing-legacy-workflow.yml @@ -25,18 +25,22 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -60,11 +64,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: languages: go diff --git a/.github/workflows/__ml-powered-queries.yml b/.github/workflows/__ml-powered-queries.yml index 1009afc306..52f0b1a4e7 100644 --- a/.github/workflows/__ml-powered-queries.yml +++ b/.github/workflows/__ml-powered-queries.yml @@ -25,12 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20220120 + - os: ubuntu-latest + version: stable-20220401 + - os: macos-latest + version: stable-20220401 + - os: windows-latest + version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -60,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: languages: javascript @@ -87,7 +100,7 @@ jobs: - name: Check sarif uses: ./../action/.github/check-sarif # Running on Windows requires CodeQL CLI 2.9.0+. - if: "!(matrix.version == 'stable-20220120' && runner.os == 'Windows')" + if: "!(matrix.version == 'stable-20220401' && runner.os == 'Windows')" with: sarif-file: ${{ runner.temp }}/results/javascript.sarif queries-run: js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss @@ -96,7 +109,7 @@ jobs: - name: Check results env: # Running on Windows requires CodeQL CLI 2.9.0+. - SHOULD_RUN_ML_POWERED_QUERIES: ${{ !(matrix.version == 'stable-20220120' && + SHOULD_RUN_ML_POWERED_QUERIES: ${{ !(matrix.version == 'stable-20220401' && runner.os == 'Windows') }} shell: bash run: | diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index 560dafcf27..5a1ba8e9e2 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -25,18 +25,22 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -60,11 +64,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init id: init with: diff --git a/.github/workflows/__remote-config.yml b/.github/workflows/__remote-config.yml index 69e49c4395..dddd4f4213 100644 --- a/.github/workflows/__remote-config.yml +++ b/.github/workflows/__remote-config.yml @@ -25,24 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: windows-2019 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 - os: windows-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -72,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: tools: ${{ steps.prepare-test.outputs.tools-url }} diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index 44c8e48562..7526951ab4 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -25,12 +25,14 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: ubuntu-latest @@ -48,11 +50,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: db-location: ${{ runner.temp }}/customDbLocation diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index d235743d7f..ad8b9f695c 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -25,24 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: windows-2019 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 - os: windows-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -72,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: ./../action/init with: tools: ${{ steps.prepare-test.outputs.tools-url }} diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index 7ffc2ec457..108a15c679 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -25,24 +25,30 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: windows-2019 - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - - os: windows-2019 - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 - os: windows-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: windows-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: windows-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 + - os: windows-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -72,11 +78,6 @@ jobs: uses: ./.github/prepare-test with: version: ${{ matrix.version }} - - name: Set up Go - if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019' - uses: actions/setup-go@v4 - with: - go-version: ^1.13.1 - uses: actions/checkout@v3 with: ref: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 diff --git a/.github/workflows/debug-artifacts.yml b/.github/workflows/debug-artifacts.yml index 781ee9cbec..b7c6e013b3 100644 --- a/.github/workflows/debug-artifacts.yml +++ b/.github/workflows/debug-artifacts.yml @@ -22,18 +22,22 @@ jobs: strategy: matrix: include: - - os: ubuntu-20.04 - version: stable-20211005 - - os: macos-latest - version: stable-20211005 - - os: ubuntu-20.04 - version: stable-20220120 - - os: macos-latest - version: stable-20220120 - os: ubuntu-latest version: stable-20220401 - os: macos-latest version: stable-20220401 + - os: ubuntu-latest + version: stable-20220615 + - os: macos-latest + version: stable-20220615 + - os: ubuntu-latest + version: stable-20220908 + - os: macos-latest + version: stable-20220908 + - os: ubuntu-latest + version: stable-20221211 + - os: macos-latest + version: stable-20221211 - os: ubuntu-latest version: cached - os: macos-latest @@ -84,17 +88,10 @@ jobs: - name: Check expected artifacts exist shell: bash run: | - VERSIONS="stable-20211005 stable-20220120 stable-20220401 cached latest nightly-latest" + VERSIONS="stable-20220401 stable-20220615 stable-20220908 stable-20221211 cached latest nightly-latest" LANGUAGES="cpp csharp go java javascript python" for version in $VERSIONS; do - if [[ "$version" =~ stable-(20211005|20220120|20210809) ]]; then - # Note the absence of the period in "ubuntu-2004": this is present in the image name - # but not the artifact name - OPERATING_SYSTEMS="ubuntu-2004 macos-latest" - else - OPERATING_SYSTEMS="ubuntu-latest macos-latest" - fi - for os in $OPERATING_SYSTEMS; do + for os in ubuntu-latest macos-latest; do pushd "./my-debug-artifacts-$os-$version" echo "Artifacts from version $version on $os:" for language in $LANGUAGES; do diff --git a/pr-checks/checks/ml-powered-queries.yml b/pr-checks/checks/ml-powered-queries.yml index d0628b32cc..f4dcba8bee 100644 --- a/pr-checks/checks/ml-powered-queries.yml +++ b/pr-checks/checks/ml-powered-queries.yml @@ -1,12 +1,5 @@ name: "ML-powered queries" description: "Tests that ML-powered queries are run with the security-extended suite and that they produce alerts on a test DB" -versions: [ - # Latest release in 2.7.x series - "stable-20220120", - "cached", - "latest", - "nightly-latest", - ] steps: - uses: ./../action/init with: @@ -30,7 +23,7 @@ steps: - name: Check sarif uses: ./../action/.github/check-sarif # Running on Windows requires CodeQL CLI 2.9.0+. - if: "!(matrix.version == 'stable-20220120' && runner.os == 'Windows')" + if: "!(matrix.version == 'stable-20220401' && runner.os == 'Windows')" with: sarif-file: ${{ runner.temp }}/results/javascript.sarif queries-run: js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss @@ -39,7 +32,7 @@ steps: - name: Check results env: # Running on Windows requires CodeQL CLI 2.9.0+. - SHOULD_RUN_ML_POWERED_QUERIES: ${{ !(matrix.version == 'stable-20220120' && runner.os == 'Windows') }} + SHOULD_RUN_ML_POWERED_QUERIES: ${{ !(matrix.version == 'stable-20220401' && runner.os == 'Windows') }} shell: bash run: | echo "Expecting ML-powered queries to be run: ${SHOULD_RUN_ML_POWERED_QUERIES}" diff --git a/pr-checks/sync.py b/pr-checks/sync.py index a5f05c1dc6..0912b08c98 100644 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -3,12 +3,14 @@ # The default set of CodeQL Bundle versions to use for the PR checks. defaultTestVersions = [ - # The oldest supported CodeQL version: 2.6.3. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts` - "stable-20211005", - # The last CodeQL release in the 2.7 series: 2.7.6. - "stable-20220120", - # The last CodeQL release in the 2.8 series: 2.8.5. + # The oldest supported CodeQL version: 2.8.5. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts` "stable-20220401", + # The last CodeQL release in the 2.9 series: 2.9.6. + "stable-20220615", + # The last CodeQL release in the 2.10 series: 2.10.6. + "stable-20220908", + # The last CodeQL release in the 2.11 series: 2.11.6. + "stable-20221211", # The version of CodeQL currently in the toolcache. Typically either the latest release or the one before. "cached", # The latest release of CodeQL. @@ -18,22 +20,6 @@ ] -def isCompatibleWithLatestImages(version): - if version in ["cached", "latest", "nightly-latest"]: - return True - date = version.split("-")[1] - # The first version of the CodeQL CLI compatible with `ubuntu-22.04` and `windows-2022` is - # 2.8.2. This appears in CodeQL Bundle version codeql-bundle-20220224. - return date >= "20220224" - - -def operatingSystemsForVersion(version): - if isCompatibleWithLatestImages(version): - return ["ubuntu-latest", "macos-latest", "windows-latest"] - else: - return ["ubuntu-20.04", "macos-latest", "windows-2019"] - - header = """# Warning: This file is generated automatically, and should not be modified. # Instead, please modify the template in the pr-checks directory and run: # pip install ruamel.yaml && python3 sync.py @@ -60,7 +46,7 @@ def writeHeader(checkStream): matrix = [] for version in checkSpecification.get('versions', defaultTestVersions): - runnerImages = operatingSystemsForVersion(version) + runnerImages = ["ubuntu-latest", "macos-latest", "windows-latest"] if checkSpecification.get('operatingSystems', None): runnerImages = [image for image in runnerImages for operatingSystem in checkSpecification['operatingSystems'] if image.startswith(operatingSystem)] @@ -86,16 +72,6 @@ def writeHeader(checkStream): } ] - if any(not isCompatibleWithLatestImages(m['version']) for m in matrix): - steps.append({ - 'name': 'Set up Go', - 'if': "matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'", - 'uses': 'actions/setup-go@v4', - 'with': { - 'go-version': '^1.13.1' - } - }) - steps.extend(checkSpecification['steps']) checkJob = {