BaseTools/CodeQl: Give preference to Plugin settings

For the CodeQl `AuditOnly` flag,
prioritize Plugin settings over global settings.

This patch adjusts the logic for the global `AuditOnly` setting,
placing it before the Plugin setting code.
This ensures that Plugin settings take precedence over global settings.

Cc: Sean Brogan <[email protected]>
Cc: Joey Vagedes <[email protected]>
Cc: Michael D Kinney <[email protected]>
Cc: Liming Gao <[email protected]>
Signed-off-by: Abdul Lateef Attar <[email protected]>

BaseTools/Plugin/CodeQL/CodeQlAnalyzePlugin.py

@@ -3,6 +3,7 @@
 # A build plugin that analyzes a CodeQL database.
 #
 # Copyright (c) Microsoft Corporation. All rights reserved.
+# Copyright (C) 2024 Advanced Micro Devices, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 ##
 
@@ -78,6 +79,11 @@ def do_post_build(self, builder: UefiBuilder) -> int:
         # Packages are allowed to specify package-specific query specifiers
         # in the package CI YAML file that override the global query specifier.
         audit_only = False
+        global_audit_only = builder.env.GetValue("STUART_CODEQL_AUDIT_ONLY")
+        if global_audit_only:
+            if global_audit_only.strip().lower() == "true":
+                audit_only = True
+
         query_specifiers = None
         package_config_file = Path(os.path.join(
                                 self.package_path, self.package + ".ci.yaml"))
@@ -94,11 +100,6 @@ def do_post_build(self, builder: UefiBuilder) -> int:
                                       f"{str(package_config_file)}")
                         query_specifiers = plugin_data["QuerySpecifiers"]
 
-        global_audit_only = builder.env.GetValue("STUART_CODEQL_AUDIT_ONLY")
-        if global_audit_only:
-            if global_audit_only.strip().lower() == "true":
-                audit_only = True
-
         if audit_only:
             logging.info(f"CodeQL Analyze plugin is in audit only mode for "
                          f"{self.package} ({self.target}).")