diff --git a/.github/workflows/__all-platform-bundle.yml b/.github/workflows/__all-platform-bundle.yml index 499b123165..89138c523c 100644 --- a/.github/workflows/__all-platform-bundle.yml +++ b/.github/workflows/__all-platform-bundle.yml @@ -48,6 +48,10 @@ jobs: include: - os: ubuntu-latest version: nightly-latest + - os: macos-latest + version: nightly-latest + - os: windows-latest + version: nightly-latest name: All-platform bundle if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index 2159072adf..30d5c532c6 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -48,10 +48,6 @@ jobs: include: - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default name: "Analyze: 'ref' and 'sha' from inputs" if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__autobuild-direct-tracing.yml b/.github/workflows/__autobuild-direct-tracing.yml deleted file mode 100644 index 9294edfb84..0000000000 --- a/.github/workflows/__autobuild-direct-tracing.yml +++ /dev/null @@ -1,104 +0,0 @@ -# Warning: This file is generated automatically, and should not be modified. -# Instead, please modify the template in the pr-checks directory and run: -# pr-checks/sync.sh -# to regenerate this file. - -name: PR Check - Autobuild direct tracing -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GO111MODULE: auto -on: - push: - branches: - - main - - releases/v* - pull_request: - types: - - opened - - synchronize - - reopened - - ready_for_review - schedule: - - cron: '0 5 * * *' - workflow_dispatch: - inputs: - java-version: - type: string - description: The version of Java to install - required: false - default: '17' - workflow_call: - inputs: - java-version: - type: string - description: The version of Java to install - required: false - default: '17' -defaults: - run: - shell: bash -concurrency: - cancel-in-progress: ${{ github.event_name == 'pull_request' }} - group: ${{ github.workflow }}-${{ github.ref }} -jobs: - autobuild-direct-tracing: - strategy: - fail-fast: false - matrix: - include: - - os: ubuntu-latest - version: linked - - os: windows-latest - version: linked - - os: ubuntu-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest - name: Autobuild direct tracing - if: github.triggering_actor != 'dependabot[bot]' - permissions: - contents: read - security-events: read - timeout-minutes: 45 - runs-on: ${{ matrix.os }} - steps: - - name: Check out repository - uses: actions/checkout@v5 - - name: Prepare test - id: prepare-test - uses: ./.github/actions/prepare-test - with: - version: ${{ matrix.version }} - use-all-platform-bundle: 'false' - setup-kotlin: 'true' - - name: Install Java - uses: actions/setup-java@v5 - with: - java-version: ${{ inputs.java-version || '17' }} - distribution: temurin - - name: Set up Java test repo configuration - run: | - mv * .github ../action/tests/multi-language-repo/ - mv ../action/tests/multi-language-repo/.github/workflows .github - mv ../action/tests/java-repo/* . - - - uses: ./../action/init - id: init - with: - build-mode: autobuild - db-location: ${{ runner.temp }}/customDbLocation - languages: java - tools: ${{ steps.prepare-test.outputs.tools-url }} - - - name: Check that indirect tracing is disabled - run: | - if [[ ! -z "${CODEQL_RUNNER}" ]]; then - echo "Expected indirect tracing to be disabled, but the" \ - "CODEQL_RUNNER environment variable is set." - exit 1 - fi - - - uses: ./../action/analyze - env: - CODEQL_ACTION_AUTOBUILD_BUILD_MODE_DIRECT_TRACING: true - CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__test-autobuild-working-dir.yml b/.github/workflows/__autobuild-working-dir.yml similarity index 98% rename from .github/workflows/__test-autobuild-working-dir.yml rename to .github/workflows/__autobuild-working-dir.yml index b55018c736..3a3ca9e5f0 100644 --- a/.github/workflows/__test-autobuild-working-dir.yml +++ b/.github/workflows/__autobuild-working-dir.yml @@ -31,7 +31,7 @@ concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: - test-autobuild-working-dir: + autobuild-working-dir: strategy: fail-fast: false matrix: diff --git a/.github/workflows/__build-mode-autobuild.yml b/.github/workflows/__build-mode-autobuild.yml index a6e880cf00..878c941a47 100644 --- a/.github/workflows/__build-mode-autobuild.yml +++ b/.github/workflows/__build-mode-autobuild.yml @@ -21,9 +21,19 @@ on: schedule: - cron: '0 5 * * *' workflow_dispatch: - inputs: {} + inputs: + java-version: + type: string + description: The version of Java to install + required: false + default: '17' workflow_call: - inputs: {} + inputs: + java-version: + type: string + description: The version of Java to install + required: false + default: '17' defaults: run: shell: bash @@ -37,6 +47,12 @@ jobs: matrix: include: - os: ubuntu-latest + version: linked + - os: windows-latest + version: linked + - os: ubuntu-latest + version: nightly-latest + - os: windows-latest version: nightly-latest name: Build mode autobuild if: github.triggering_actor != 'dependabot[bot]' @@ -55,6 +71,11 @@ jobs: version: ${{ matrix.version }} use-all-platform-bundle: 'false' setup-kotlin: 'true' + - name: Install Java + uses: actions/setup-java@v5 + with: + java-version: ${{ inputs.java-version || '17' }} + distribution: temurin - name: Set up Java test repo configuration run: | mv * .github ../action/tests/multi-language-repo/ @@ -69,6 +90,11 @@ jobs: languages: java tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Install yq + if: runner.os == 'Windows' + run: | + choco install yq -y + - name: Validate database build mode run: | metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml" @@ -78,6 +104,14 @@ jobs: exit 1 fi + - name: Check that indirect tracing is disabled + run: | + if [[ ! -z "${CODEQL_RUNNER}" ]]; then + echo "Expected indirect tracing to be disabled, but the" \ + "CODEQL_RUNNER environment variable is set." + exit 1 + fi + - uses: ./../action/analyze env: CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__config-export.yml b/.github/workflows/__config-export.yml index 1b89d3a186..c6666b0f63 100644 --- a/.github/workflows/__config-export.yml +++ b/.github/workflows/__config-export.yml @@ -38,16 +38,8 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: Config export if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__diagnostics-export.yml b/.github/workflows/__diagnostics-export.yml index f9f29ff4fa..d8707c799e 100644 --- a/.github/workflows/__diagnostics-export.yml +++ b/.github/workflows/__diagnostics-export.yml @@ -38,16 +38,8 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: Diagnostic export if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__test-proxy.yml b/.github/workflows/__global-proxy.yml similarity index 99% rename from .github/workflows/__test-proxy.yml rename to .github/workflows/__global-proxy.yml index 8504a44010..bd5d64b5f4 100644 --- a/.github/workflows/__test-proxy.yml +++ b/.github/workflows/__global-proxy.yml @@ -31,7 +31,7 @@ concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: - test-proxy: + global-proxy: strategy: fail-fast: false matrix: diff --git a/.github/workflows/__init-with-registries.yml b/.github/workflows/__init-with-registries.yml index 5d98643b09..bbbc55bf12 100644 --- a/.github/workflows/__init-with-registries.yml +++ b/.github/workflows/__init-with-registries.yml @@ -38,22 +38,10 @@ jobs: include: - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: 'Packaging: Download using registries' if: github.triggering_actor != 'dependabot[bot]' permissions: @@ -118,8 +106,6 @@ jobs: fi - name: Verify contents of qlconfig.yml - # yq is not available on windows - if: runner.os != 'Windows' run: | QLCONFIG_PATH=$RUNNER_TEMP/qlconfig.yml cat $QLCONFIG_PATH | yq -e '.registries[] | select(.url == "https://ghcr.io/v2/") | select(.packages == "*/*")' diff --git a/.github/workflows/__test-local-codeql.yml b/.github/workflows/__local-bundle.yml similarity index 99% rename from .github/workflows/__test-local-codeql.yml rename to .github/workflows/__local-bundle.yml index eee756a2a8..7f840b5dc6 100644 --- a/.github/workflows/__test-local-codeql.yml +++ b/.github/workflows/__local-bundle.yml @@ -41,7 +41,7 @@ concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: - test-local-codeql: + local-bundle: strategy: fail-fast: false matrix: diff --git a/.github/workflows/__packaging-codescanning-config-inputs-js.yml b/.github/workflows/__packaging-codescanning-config-inputs-js.yml index 8917e4a0eb..0e08cf70fc 100644 --- a/.github/workflows/__packaging-codescanning-config-inputs-js.yml +++ b/.github/workflows/__packaging-codescanning-config-inputs-js.yml @@ -48,22 +48,10 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: 'Packaging: Config and input passed to the CLI' if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__packaging-config-inputs-js.yml b/.github/workflows/__packaging-config-inputs-js.yml index 777683b0f3..de3070bafa 100644 --- a/.github/workflows/__packaging-config-inputs-js.yml +++ b/.github/workflows/__packaging-config-inputs-js.yml @@ -48,22 +48,10 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: 'Packaging: Config and input' if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__packaging-config-js.yml b/.github/workflows/__packaging-config-js.yml index d1abda7e3a..9c9dadadaf 100644 --- a/.github/workflows/__packaging-config-js.yml +++ b/.github/workflows/__packaging-config-js.yml @@ -48,22 +48,10 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: 'Packaging: Config file' if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__packaging-inputs-js.yml b/.github/workflows/__packaging-inputs-js.yml index 711a600bc0..2aa63c3c3d 100644 --- a/.github/workflows/__packaging-inputs-js.yml +++ b/.github/workflows/__packaging-inputs-js.yml @@ -48,22 +48,10 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: 'Packaging: Action input' if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__quality-queries.yml b/.github/workflows/__quality-queries.yml index 1b5cd0c393..c4aa5ffaf1 100644 --- a/.github/workflows/__quality-queries.yml +++ b/.github/workflows/__quality-queries.yml @@ -45,24 +45,6 @@ jobs: - os: ubuntu-latest version: linked analysis-kinds: code-scanning,code-quality - - os: macos-latest - version: linked - analysis-kinds: code-scanning - - os: macos-latest - version: linked - analysis-kinds: code-quality - - os: macos-latest - version: linked - analysis-kinds: code-scanning,code-quality - - os: windows-latest - version: linked - analysis-kinds: code-scanning - - os: windows-latest - version: linked - analysis-kinds: code-quality - - os: windows-latest - version: linked - analysis-kinds: code-scanning,code-quality - os: ubuntu-latest version: nightly-latest analysis-kinds: code-scanning @@ -72,24 +54,6 @@ jobs: - os: ubuntu-latest version: nightly-latest analysis-kinds: code-scanning,code-quality - - os: macos-latest - version: nightly-latest - analysis-kinds: code-scanning - - os: macos-latest - version: nightly-latest - analysis-kinds: code-quality - - os: macos-latest - version: nightly-latest - analysis-kinds: code-scanning,code-quality - - os: windows-latest - version: nightly-latest - analysis-kinds: code-scanning - - os: windows-latest - version: nightly-latest - analysis-kinds: code-quality - - os: windows-latest - version: nightly-latest - analysis-kinds: code-scanning,code-quality name: Quality queries input if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__resolve-environment-action.yml b/.github/workflows/__resolve-environment-action.yml index 7ddd6e663d..2203f3316c 100644 --- a/.github/workflows/__resolve-environment-action.yml +++ b/.github/workflows/__resolve-environment-action.yml @@ -38,22 +38,10 @@ jobs: include: - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest - - os: windows-latest - version: nightly-latest name: Resolve environment if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__upload-quality-sarif.yml b/.github/workflows/__upload-quality-sarif.yml index 15bc871d94..d9bcbb20fe 100644 --- a/.github/workflows/__upload-quality-sarif.yml +++ b/.github/workflows/__upload-quality-sarif.yml @@ -48,10 +48,6 @@ jobs: include: - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default name: 'Upload-sarif: code quality endpoint' if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index d6970ea18d..8202ab1363 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -48,10 +48,6 @@ jobs: include: - os: ubuntu-latest version: default - - os: macos-latest - version: default - - os: windows-latest - version: default name: "Upload-sarif: 'ref' and 'sha' from inputs" if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index aa6c9651df..e12c9846a3 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -48,10 +48,6 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - - os: windows-latest - version: linked name: Use a custom `checkout_path` if: github.triggering_actor != 'dependabot[bot]' permissions: diff --git a/.github/workflows/codescanning-config-cli.yml b/.github/workflows/codescanning-config-cli.yml index c11f479718..c6dc41f299 100644 --- a/.github/workflows/codescanning-config-cli.yml +++ b/.github/workflows/codescanning-config-cli.yml @@ -42,16 +42,10 @@ jobs: include: - os: ubuntu-latest version: linked - - os: macos-latest - version: linked - os: ubuntu-latest version: default - - os: macos-latest - version: default - os: ubuntu-latest version: nightly-latest - - os: macos-latest - version: nightly-latest # Code-Scanning config not created because environment variable is not set name: Code Scanning Configuration tests diff --git a/pr-checks/checks/all-platform-bundle.yml b/pr-checks/checks/all-platform-bundle.yml index 332f129308..3396be22a7 100644 --- a/pr-checks/checks/all-platform-bundle.yml +++ b/pr-checks/checks/all-platform-bundle.yml @@ -1,7 +1,7 @@ name: "All-platform bundle" description: "Tests using an all-platform CodeQL Bundle" +operatingSystems: ["ubuntu", "macos", "windows"] versions: ["nightly-latest"] -operatingSystems: ["ubuntu"] useAllPlatformBundle: "true" installGo: true steps: diff --git a/pr-checks/checks/autobuild-action.yml b/pr-checks/checks/autobuild-action.yml index ac67a81fef..91ae7834cc 100644 --- a/pr-checks/checks/autobuild-action.yml +++ b/pr-checks/checks/autobuild-action.yml @@ -1,5 +1,6 @@ name: "autobuild-action" description: "Tests that the C# autobuild action works" +operatingSystems: ["ubuntu", "macos", "windows"] versions: ["linked"] steps: - uses: ./../action/init diff --git a/pr-checks/checks/autobuild-direct-tracing.yml b/pr-checks/checks/autobuild-direct-tracing.yml deleted file mode 100644 index 1e9d2d9002..0000000000 --- a/pr-checks/checks/autobuild-direct-tracing.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: "Autobuild direct tracing" -description: "An end-to-end integration test of a Java repository built using 'build-mode: autobuild', with direct tracing enabled" -operatingSystems: ["ubuntu", "windows"] -versions: ["linked", "nightly-latest"] -installJava: "true" -env: - CODEQL_ACTION_AUTOBUILD_BUILD_MODE_DIRECT_TRACING: true -steps: - - name: Set up Java test repo configuration - run: | - mv * .github ../action/tests/multi-language-repo/ - mv ../action/tests/multi-language-repo/.github/workflows .github - mv ../action/tests/java-repo/* . - - - uses: ./../action/init - id: init - with: - build-mode: autobuild - db-location: "${{ runner.temp }}/customDbLocation" - languages: java - tools: ${{ steps.prepare-test.outputs.tools-url }} - - - name: Check that indirect tracing is disabled - run: | - if [[ ! -z "${CODEQL_RUNNER}" ]]; then - echo "Expected indirect tracing to be disabled, but the" \ - "CODEQL_RUNNER environment variable is set." - exit 1 - fi - - - uses: ./../action/analyze diff --git a/pr-checks/checks/test-autobuild-working-dir.yml b/pr-checks/checks/autobuild-working-dir.yml similarity index 96% rename from pr-checks/checks/test-autobuild-working-dir.yml rename to pr-checks/checks/autobuild-working-dir.yml index eda3677f67..77c1f73c84 100644 --- a/pr-checks/checks/test-autobuild-working-dir.yml +++ b/pr-checks/checks/autobuild-working-dir.yml @@ -1,7 +1,6 @@ name: "Autobuild working directory" description: "Tests working-directory input of autobuild action" versions: ["linked"] -operatingSystems: ["ubuntu"] steps: - name: Test setup run: | diff --git a/pr-checks/checks/build-mode-autobuild.yml b/pr-checks/checks/build-mode-autobuild.yml index 7e840d15a2..26b8626f22 100644 --- a/pr-checks/checks/build-mode-autobuild.yml +++ b/pr-checks/checks/build-mode-autobuild.yml @@ -1,7 +1,8 @@ name: "Build mode autobuild" description: "An end-to-end integration test of a Java repository built using 'build-mode: autobuild'" -operatingSystems: ["ubuntu"] -versions: ["nightly-latest"] +operatingSystems: ["ubuntu", "windows"] +versions: ["linked", "nightly-latest"] +installJava: "true" steps: - name: Set up Java test repo configuration run: | @@ -17,6 +18,11 @@ steps: languages: java tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Install yq + if: runner.os == 'Windows' + run: | + choco install yq -y + - name: Validate database build mode run: | metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml" @@ -26,4 +32,12 @@ steps: exit 1 fi + - name: Check that indirect tracing is disabled + run: | + if [[ ! -z "${CODEQL_RUNNER}" ]]; then + echo "Expected indirect tracing to be disabled, but the" \ + "CODEQL_RUNNER environment variable is set." + exit 1 + fi + - uses: ./../action/analyze diff --git a/pr-checks/checks/build-mode-manual.yml b/pr-checks/checks/build-mode-manual.yml index 64009c2eeb..f1815b7ff0 100644 --- a/pr-checks/checks/build-mode-manual.yml +++ b/pr-checks/checks/build-mode-manual.yml @@ -1,6 +1,5 @@ name: "Build mode manual" description: "An end-to-end integration test of a Java repository built using 'build-mode: manual'" -operatingSystems: ["ubuntu"] versions: ["nightly-latest"] installGo: true steps: diff --git a/pr-checks/checks/build-mode-none.yml b/pr-checks/checks/build-mode-none.yml index 4d23614a90..669ea7915e 100644 --- a/pr-checks/checks/build-mode-none.yml +++ b/pr-checks/checks/build-mode-none.yml @@ -1,6 +1,5 @@ name: "Build mode none" description: "An end-to-end integration test of a Java repository built using 'build-mode: none'" -operatingSystems: ["ubuntu"] versions: ["linked", "nightly-latest"] steps: - uses: ./../action/init diff --git a/pr-checks/checks/build-mode-rollback.yml b/pr-checks/checks/build-mode-rollback.yml index 1d935314e2..49bcfdd1f0 100644 --- a/pr-checks/checks/build-mode-rollback.yml +++ b/pr-checks/checks/build-mode-rollback.yml @@ -1,6 +1,5 @@ name: "Build mode rollback" description: "The build mode is rolled back from none to autobuild when the relevant feature flag is enabled." -operatingSystems: ["ubuntu"] versions: ["nightly-latest"] env: CODEQL_ACTION_DISABLE_JAVA_BUILDLESS: true diff --git a/pr-checks/checks/cleanup-db-cluster-dir.yml b/pr-checks/checks/cleanup-db-cluster-dir.yml index 1c181a57e6..d2cacf47eb 100644 --- a/pr-checks/checks/cleanup-db-cluster-dir.yml +++ b/pr-checks/checks/cleanup-db-cluster-dir.yml @@ -1,6 +1,5 @@ name: "Clean up database cluster directory" description: "The database cluster directory is cleaned up if it is not empty." -operatingSystems: ["ubuntu"] versions: ["linked"] steps: - name: Add a file to the database cluster directory diff --git a/pr-checks/checks/config-input.yml b/pr-checks/checks/config-input.yml index 5807e85946..f139ff90e6 100644 --- a/pr-checks/checks/config-input.yml +++ b/pr-checks/checks/config-input.yml @@ -1,7 +1,6 @@ name: "Config input" description: "Tests specifying configuration using the config input" installNode: true -operatingSystems: ["ubuntu"] versions: ["linked"] steps: - name: Copy queries into workspace diff --git a/pr-checks/checks/cpp-deptrace-disabled.yml b/pr-checks/checks/cpp-deptrace-disabled.yml index 1073d0194a..5b6e82726a 100644 --- a/pr-checks/checks/cpp-deptrace-disabled.yml +++ b/pr-checks/checks/cpp-deptrace-disabled.yml @@ -1,6 +1,5 @@ name: "C/C++: disabling autoinstalling dependencies (Linux)" description: "Checks that running C/C++ autobuild with autoinstalling dependencies explicitly disabled works" -operatingSystems: ["ubuntu"] versions: ["linked", "default", "nightly-latest"] env: DOTNET_GENERATE_ASPNET_CERTIFICATE: "false" diff --git a/pr-checks/checks/cpp-deptrace-enabled.yml b/pr-checks/checks/cpp-deptrace-enabled.yml index f92f29d212..e35910a756 100644 --- a/pr-checks/checks/cpp-deptrace-enabled.yml +++ b/pr-checks/checks/cpp-deptrace-enabled.yml @@ -1,6 +1,5 @@ name: "C/C++: autoinstalling dependencies (Linux)" description: "Checks that running C/C++ autobuild with autoinstalling dependencies works" -operatingSystems: ["ubuntu"] versions: ["linked", "default", "nightly-latest"] env: DOTNET_GENERATE_ASPNET_CERTIFICATE: "false" diff --git a/pr-checks/checks/export-file-baseline-information.yml b/pr-checks/checks/export-file-baseline-information.yml index 2eb0e6d525..f7698f885e 100644 --- a/pr-checks/checks/export-file-baseline-information.yml +++ b/pr-checks/checks/export-file-baseline-information.yml @@ -1,5 +1,6 @@ name: "Export file baseline information" description: "Tests that file baseline information is exported when the feature is enabled" +operatingSystems: ["ubuntu", "macos", "windows"] versions: ["nightly-latest"] installGo: true env: diff --git a/pr-checks/checks/extractor-ram-threads.yml b/pr-checks/checks/extractor-ram-threads.yml index 435c9f41e6..43638af180 100644 --- a/pr-checks/checks/extractor-ram-threads.yml +++ b/pr-checks/checks/extractor-ram-threads.yml @@ -1,7 +1,6 @@ name: "Extractor ram and threads options test" description: "Tests passing RAM and threads limits to extractors" versions: ["linked"] -operatingSystems: ["ubuntu"] steps: - uses: ./../action/init with: diff --git a/pr-checks/checks/test-proxy.yml b/pr-checks/checks/global-proxy.yml similarity index 97% rename from pr-checks/checks/test-proxy.yml rename to pr-checks/checks/global-proxy.yml index 39efb214e1..1d64125748 100644 --- a/pr-checks/checks/test-proxy.yml +++ b/pr-checks/checks/global-proxy.yml @@ -1,7 +1,6 @@ name: "Proxy test" description: "Tests using a proxy specified by the https_proxy environment variable" versions: ["linked", "nightly-latest"] -operatingSystems: ["ubuntu"] container: image: ubuntu:22.04 container-init-steps: diff --git a/pr-checks/checks/go-indirect-tracing-workaround-diagnostic.yml b/pr-checks/checks/go-indirect-tracing-workaround-diagnostic.yml index 39ec0096ab..10acfeb439 100644 --- a/pr-checks/checks/go-indirect-tracing-workaround-diagnostic.yml +++ b/pr-checks/checks/go-indirect-tracing-workaround-diagnostic.yml @@ -1,7 +1,6 @@ name: "Go: diagnostic when Go is changed after init step" description: "Checks that we emit a diagnostic if Go is changed after the init step" # only Linux is affected -operatingSystems: ["ubuntu"] # pinned to a version which does not support statically linked binaries for indirect tracing versions: ["default"] installGo: true diff --git a/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml b/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml index 0078a2e450..c5083b6015 100644 --- a/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml +++ b/pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml @@ -1,7 +1,6 @@ name: "Go: diagnostic when `file` is not installed" description: "Checks that we emit a diagnostic if the `file` program is not installed" # only Linux is affected -operatingSystems: ["ubuntu"] # pinned to a version which does not support statically linked binaries for indirect tracing versions: ["default"] installGo: true diff --git a/pr-checks/checks/go-indirect-tracing-workaround.yml b/pr-checks/checks/go-indirect-tracing-workaround.yml index 5c6690128f..222b964c78 100644 --- a/pr-checks/checks/go-indirect-tracing-workaround.yml +++ b/pr-checks/checks/go-indirect-tracing-workaround.yml @@ -1,7 +1,6 @@ name: "Go: workaround for indirect tracing" description: "Checks that our workaround for indirect tracing for Go 1.21+ on Linux works" # only Linux is affected -operatingSystems: ["ubuntu"] # pinned to a version which does not support statically linked binaries for indirect tracing versions: ["default"] installGo: true diff --git a/pr-checks/checks/init-with-registries.yml b/pr-checks/checks/init-with-registries.yml index bc45d255aa..cedc62aab0 100644 --- a/pr-checks/checks/init-with-registries.yml +++ b/pr-checks/checks/init-with-registries.yml @@ -62,8 +62,6 @@ steps: fi - name: Verify contents of qlconfig.yml - # yq is not available on windows - if: runner.os != 'Windows' run: | QLCONFIG_PATH=$RUNNER_TEMP/qlconfig.yml cat $QLCONFIG_PATH | yq -e '.registries[] | select(.url == "https://ghcr.io/v2/") | select(.packages == "*/*")' diff --git a/pr-checks/checks/javascript-source-root.yml b/pr-checks/checks/javascript-source-root.yml index 9c933576e1..b06dc7bfa2 100644 --- a/pr-checks/checks/javascript-source-root.yml +++ b/pr-checks/checks/javascript-source-root.yml @@ -1,7 +1,6 @@ name: "Custom source root" description: "Checks that the argument specifying a non-default source root works" versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs -operatingSystems: ["ubuntu"] steps: - name: Move codeql-action run: | diff --git a/pr-checks/checks/job-run-uuid-sarif.yml b/pr-checks/checks/job-run-uuid-sarif.yml index 196e321780..9c0f843d40 100644 --- a/pr-checks/checks/job-run-uuid-sarif.yml +++ b/pr-checks/checks/job-run-uuid-sarif.yml @@ -1,6 +1,5 @@ name: "Job run UUID added to SARIF" description: "Tests that the job run UUID is added to the SARIF output" -operatingSystems: ["ubuntu"] versions: ["nightly-latest"] steps: - uses: ./../action/init diff --git a/pr-checks/checks/language-aliases.yml b/pr-checks/checks/language-aliases.yml index 16f5f044f9..b0db1288a3 100644 --- a/pr-checks/checks/language-aliases.yml +++ b/pr-checks/checks/language-aliases.yml @@ -1,7 +1,6 @@ name: "Language aliases" description: "Tests that language aliases are resolved correctly" versions: ["linked"] -operatingSystems: ["ubuntu"] steps: - uses: ./../action/init with: diff --git a/pr-checks/checks/test-local-codeql.yml b/pr-checks/checks/local-bundle.yml similarity index 95% rename from pr-checks/checks/test-local-codeql.yml rename to pr-checks/checks/local-bundle.yml index 1e41e5dd3d..c16c2bf503 100644 --- a/pr-checks/checks/test-local-codeql.yml +++ b/pr-checks/checks/local-bundle.yml @@ -1,7 +1,6 @@ name: "Local CodeQL bundle" description: "Tests using a CodeQL bundle from a local file rather than a URL" versions: ["linked"] -operatingSystems: ["ubuntu"] installGo: true steps: - name: Fetch latest CodeQL bundle diff --git a/pr-checks/checks/overlay-init-fallback.yml b/pr-checks/checks/overlay-init-fallback.yml index 44d19d79c3..bfcfd27e79 100644 --- a/pr-checks/checks/overlay-init-fallback.yml +++ b/pr-checks/checks/overlay-init-fallback.yml @@ -1,7 +1,6 @@ name: "Overlay database init fallback" description: "Tests that overlay init action succeeds with non-overlay packs" versions: ["linked", "nightly-latest"] -operatingSystems: ["ubuntu"] steps: - uses: ./../action/init with: diff --git a/pr-checks/checks/rubocop-multi-language.yml b/pr-checks/checks/rubocop-multi-language.yml index 2be248a5f2..27bcf070db 100644 --- a/pr-checks/checks/rubocop-multi-language.yml +++ b/pr-checks/checks/rubocop-multi-language.yml @@ -1,6 +1,5 @@ name: "RuboCop multi-language" description: "Tests using RuboCop to analyze a multi-language repository and then using the CodeQL Action to upload the resulting SARIF" -operatingSystems: ["ubuntu"] # This check doesn't use CodeQL, so the `version` matrix variable is unused. versions: ["default"] steps: diff --git a/pr-checks/checks/rust.yml b/pr-checks/checks/rust.yml index 67920538d7..c19fc986da 100644 --- a/pr-checks/checks/rust.yml +++ b/pr-checks/checks/rust.yml @@ -8,7 +8,6 @@ versions: - linked - default - nightly-latest -operatingSystems: ["ubuntu"] steps: - uses: ./../action/init with: diff --git a/pr-checks/checks/submit-sarif-failure.yml b/pr-checks/checks/submit-sarif-failure.yml index ba67db39f0..97332e4c94 100644 --- a/pr-checks/checks/submit-sarif-failure.yml +++ b/pr-checks/checks/submit-sarif-failure.yml @@ -1,7 +1,6 @@ name: Submit SARIF after failure description: Check that a SARIF file is submitted for the workflow run if it fails versions: ["linked", "default", "nightly-latest"] -operatingSystems: ["ubuntu"] env: # Internal-only environment variable used to indicate that the post-init Action diff --git a/pr-checks/sync.py b/pr-checks/sync.py index 550953980a..866a610304 100755 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -29,12 +29,6 @@ "nightly-latest" ] -def is_os_and_version_excluded(os, version, exclude_params): - for exclude_param in exclude_params: - if exclude_param[0] == os and exclude_param[1] == version: - return True - return False - # When updating the ruamel.yaml version here, update the PR check in # `.github/workflows/pr-checks.yml` too. header = """# Warning: This file is generated automatically, and should not be modified. @@ -78,22 +72,17 @@ def writeHeader(checkStream): if 'inputs' in checkSpecification: workflowInputs = checkSpecification['inputs'] - excludedOsesAndVersions = checkSpecification.get('excludeOsAndVersionCombination', []) for version in checkSpecification.get('versions', defaultTestVersions): if version == "latest": raise ValueError('Did not recognize "version: latest". Did you mean "version: linked"?') runnerImages = ["ubuntu-latest", "macos-latest", "windows-latest"] - operatingSystems = checkSpecification.get('operatingSystems', ["ubuntu", "macos", "windows"]) + operatingSystems = checkSpecification.get('operatingSystems', ["ubuntu"]) for operatingSystem in operatingSystems: runnerImagesForOs = [image for image in runnerImages if image.startswith(operatingSystem)] for runnerImage in runnerImagesForOs: - # Skip appending this combination to the matrix if it is explicitly excluded. - if is_os_and_version_excluded(operatingSystem, version, excludedOsesAndVersions): - continue - matrix.append({ 'os': runnerImage, 'version': version