From c458e961102f00d50e7ba7f4369a42d6467cb538 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:16:41 +0000 Subject: [PATCH 1/8] try codeql in CI --- .github/workflows/codeql.yml | 40 ++++++++++++++++++++++++++++++++++++ cli/azd/pkg/ux/select.go | 2 +- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000000..15feb11f144 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,40 @@ +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '30 1 * * 0' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/cli/azd/pkg/ux/select.go b/cli/azd/pkg/ux/select.go index 04dbd02b84e..ecaa625c1e8 100644 --- a/cli/azd/pkg/ux/select.go +++ b/cli/azd/pkg/ux/select.go @@ -147,7 +147,7 @@ func (p *Select) Ask(ctx context.Context) (*int, error) { done := func() { if err := p.canvas.Update(); err != nil { - log.Printf("Error updating canvas: %s\n", err.Error()) + log.Printf("Error updating canvas: %v", err) } } From 6a4607480a5f953d18129454d545a382132770c2 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:23:31 +0000 Subject: [PATCH 2/8] update codeql --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 15feb11f144..d744a3886a4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -27,14 +27,14 @@ jobs: uses: actions/checkout@v3 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" \ No newline at end of file From 95c786871ad8f20be6aa1c5be093f47204fb8967 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:32:16 +0000 Subject: [PATCH 3/8] one more try --- .github/workflows/codeql.yml | 42 +++++++++++++++++------------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d744a3886a4..6939c18984d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,12 +1,13 @@ name: "CodeQL" on: - push: - branches: [ "main" ] pull_request: - branches: [ "main" ] - schedule: - - cron: '30 1 * * 0' + paths: + - "**/*.go" + - ".github/workflows/codeql.yml" + - "go.mod" + - "go.sum" + branches: [main] jobs: analyze: @@ -17,24 +18,21 @@ jobs: contents: read security-events: write - strategy: - fail-fast: false - matrix: - language: [ 'go' ] - steps: - - name: Checkout repository - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v4 - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: go - - name: Autobuild - uses: github/codeql-action/autobuild@v3 + - name: Build + uses: github/codeql-action/autobuild@v4 + with: + working-directory: cli/azd - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" \ No newline at end of file + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v4 + with: + working-directory: cli/azd \ No newline at end of file From 4152f000168f138eb5da8f6f5f18080b43d4594c Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:33:21 +0000 Subject: [PATCH 4/8] v3 --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6939c18984d..db3de97024b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,16 +23,16 @@ jobs: uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v3 with: languages: go - name: Build - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v3 with: working-directory: cli/azd - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v3 with: working-directory: cli/azd \ No newline at end of file From d04fa62dea133cb7aa235701c68da55356b272ab Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:43:00 +0000 Subject: [PATCH 5/8] source dir --- .github/workflows/codeql.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index db3de97024b..d7d27506e55 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,13 +26,12 @@ jobs: uses: github/codeql-action/init@v3 with: languages: go + source-root: cli/azd - name: Build uses: github/codeql-action/autobuild@v3 with: - working-directory: cli/azd - + source-directory: cli/azd + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 - with: - working-directory: cli/azd \ No newline at end of file From 3bf6323e14b7b9794b62a102e2b718055a616282 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:49:57 +0000 Subject: [PATCH 6/8] manual build --- .github/workflows/codeql.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d7d27506e55..c116320b3d5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,6 +1,8 @@ name: "CodeQL" on: + push: + branches: [main] pull_request: paths: - "**/*.go" @@ -28,10 +30,10 @@ jobs: languages: go source-root: cli/azd - - name: Build - uses: github/codeql-action/autobuild@v3 - with: - source-directory: cli/azd + - name: "Build application" + run: | + cd cli/azd + go build ./... - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From 88e923db62ee234329533fd3fc826bf872d03c83 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 04:57:19 +0000 Subject: [PATCH 7/8] category --- .github/workflows/codeql.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c116320b3d5..9a80e3a8fc5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -37,3 +37,5 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 + with: + category: "/language:go" From 593b296ed964e2548d1c301568282ce9d6b81b52 Mon Sep 17 00:00:00 2001 From: Victor Vazquez Date: Tue, 17 Jun 2025 05:19:37 +0000 Subject: [PATCH 8/8] no codeql --- .github/workflows/codeql.yml | 41 ------------------------------------ 1 file changed, 41 deletions(-) delete mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 9a80e3a8fc5..00000000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [main] - pull_request: - paths: - - "**/*.go" - - ".github/workflows/codeql.yml" - - "go.mod" - - "go.sum" - branches: [main] - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: go - source-root: cli/azd - - - name: "Build application" - run: | - cd cli/azd - go build ./... - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:go"