Merge branch 'main' into user/maige/1es

microsoft · Dec 16, 2024 · 7948896 · 7948896
2 parents 0ae97f4 + 571761b
commit 7948896
Show file tree

Hide file tree

Showing 16 changed files with 500 additions and 176 deletions.
diff --git a/.github/workflows/check_wdk.yml b/.github/workflows/check_wdk.yml
@@ -0,0 +1,83 @@
+# Copyright (c) eBPF for Windows contributors
+# SPDX-License-Identifier: MIT
+
+# This workflow checks for Windows Driver Kit updates and files issues when updates are needed.
+
+name: Check for updates to the Windows Driver Kit
+
+on:
+  # Run script every Sunday at midnight
+  schedule:
+    - cron: '0 0 * * 0'
+  # Allow manual triggering of the script
+  workflow_dispatch:
+
+jobs:
+  check:
+    runs-on: Windows-latest
+    steps:
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+
+    - name: Check for updates to the Windows Driver Kit
+      id: check_wdk
+      run: |
+        # Get the latest version of the Windows Driver Kit
+        $packageVersion = .\scripts\Get-LatestNugetPackageVersion.ps1 -PackageName "Microsoft.Windows.WDK.x64"
+        "wdk_version=$packageVersion" >> $env:GITHUB_OUTPUT
+
+    - name: Check the version of the WDK in the repo
+      id: check_repo_wdk
+      run: |
+        $wdkVersion = (Get-Content -Path .\wdk.props | Select-String -Pattern "<WDKVersion>" | ForEach-Object { $_ -replace "<WDKVersion>", "" -replace "</WDKVersion>", "" }).trim()
+        "wdk_version=$wdkVersion" >> $env:GITHUB_OUTPUT
+
+    - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
+      if: steps.check_wdk.outputs.wdk_version != steps.check_repo_wdk.outputs.wdk_version
+      env:
+        TITLE: 'Update the Windows Driver Kit'
+        BODY: |
+          The Windows Driver Kit version in the repository does not match the latest version available on NuGet. Please update the WDK version in the repository to match the latest version available on NuGet.
+          The latest version is ${{steps.check_wdk.outputs.wdk_version}} and the version in the repository is ${{steps.check_repo_wdk.outputs.wdk_version}}.          
+          To update the WDK run the following command:
+          ```powershell 
+          .\scripts\Update-WdkVersion.ps1
+          ```
+        LABELS: bug,ci/cd
+      with:
+        script: |
+          const owner = process.env.GITHUB_REPOSITORY.split('/')[0]
+          const repo = process.env.GITHUB_REPOSITORY.split('/')[1]
+          const body = process.env.BODY;
+          const title = process.env.TITLE;
+          const labels = process.env.LABELS;
+          const label_array = labels ? labels.split(',') : [];
+          console.log(label_array);
+          // Get all issues that have these labels.
+          const opts = github.rest.issues.listForRepo.endpoint.merge({
+            ...context.issue,
+            state: 'open',
+            labels: label_array,
+          });
+          const issues = await github.paginate(opts);
+          // Look for an existing issue with the same title.
+          for (const issue of issues) {
+            if (issue.title === title) {
+              console.log(`Updating issue ${title}`);
+              await github.rest.issues.createComment({
+                issue_number: issue.number,
+                owner,
+                repo,
+                body,
+              });
+              return;
+            }
+          }
+          // Existing issue not found, create a new one.
+          console.log(`Creating issue ${title}`);
+          await github.rest.issues.create({
+            owner: owner,
+            repo: repo,
+            title: title,
+            body: body,
+            labels: label_array,
+          });
diff --git a/.github/workflows/ossar-scan.yml b/.github/workflows/ossar-scan.yml
@@ -81,6 +81,6 @@ jobs:
 
     - name: Upload results to Security tab
       if: steps.skip_check.outputs.should_skip != 'true'
-      uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195
+      uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae
       with:
         sarif_file: ${{ steps.ossar.outputs.sarifFile }}
diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml
@@ -135,7 +135,7 @@ jobs:
 
     - name: Initialize CodeQL
       if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true'
-      uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195
+      uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae
       with:
         languages: 'cpp'
 
@@ -303,4 +303,4 @@ jobs:
 
     - name: Perform CodeQL Analysis
       if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true'
-      uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195
+      uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -76,6 +76,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
         if: github.ref_name == 'main'
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195
+        uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/upload-perf-results.yml b/.github/workflows/upload-perf-results.yml
@@ -102,7 +102,7 @@ jobs:
         export PGUSER=$(cat ${{github.workspace}}/PGUSER)
         export PGPORT=$(cat ${{github.workspace}}/PGPORT)
         export PGDATABASE=$(cat ${{github.workspace}}/PGDATABASE)
-        psql -f ./scripts/check_perf_results.sql -v platform='${{inputs.platform}}' --csv > ${{github.workspace}}/results/regression_results.csv
+        psql -f ./check_perf_results.sql -v platform='${{inputs.platform}}' --csv > ${{github.workspace}}/results/regression_results.csv
 
     - name: Upload regression results
       uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882

diff --git a/.onefuzz/OneFuzzConfig.json b/.onefuzz/OneFuzzConfig.json
@@ -59,24 +59,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     },
     {
@@ -136,24 +123,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     },
     {
@@ -213,24 +187,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     },
     {
@@ -290,24 +251,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     },
     {
@@ -368,24 +316,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     },
     {
@@ -445,24 +380,11 @@
         "PipelineId": "79576"
       },
       "AdoTemplate": {
-        "Org": "mscodehub",
-        "Project": "eBPFForWindows",
-        "AssignedTo": "[email protected]",
-        "AreaPath": "eBPFForWindows",
-        "IterationPath": "eBPFForWindows",
-        "Type": "Bug",
-        "BaseUrl": "https://dev.azure.com/mscodehub",
-        "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-        "OnDuplicate": {
-          "Increment": [
-            ""
-          ],
-          "Comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
-          "SetState": {
-            "Resolved": "Active",
-            "Closed": "Active"
-          }
-        }
+        "Org": "microsoft",
+        "Project": "OS",
+        "AssignedTo": "Active",
+        "AreaPath": "OS\\Core\\IO Fabrics\\Transports Security and SDN\\eBPF",
+        "IterationPath": "OS"
       }
     }
   ]