v2.2.2

What's Changed

• .sync/codeql.yml: Use Git long paths on Windows @makubacki (#136)
  
  Change Details

    It is a well known limitation that GitHub uses the pattern `/_work///` as the working directory on the GitHub workflow agents.

  It is redundant and particularly impactful on Windows as discussed
  below:

  https://github.com/msysgit/msysgit/wiki/Git-cannot-create-a-file-or-directory-with-a-long-path

  This especially causes an issue in a Mu repository at the moment
  (mu_common_intel_min_platform) due to its longer name which is
  repeated twice in the path (as <repo-name>).

  This change is limited to the GitHub CodeQL workflow and was found
  to resolve the issue encountered and not raise any additional issues
  in this workflow in testing.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync/release-draft-config.yml: Exclude dependabot contributions @makubacki (#135)
  
  Change Details

    Dependabot is noisier now than it used to be, exclude it from release notes to focus on important changes.

  ---

Full Changelog: v2.2.1...v2.2.2

v2.2.1

What's Changed

• .sync: Add main branch as a trigger to CodeQL workflow @makubacki (#134)
  
  Change Details

    Some repos that use the workflow have a `main` branch instead of a `release` branch as their primary branch.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync: Add CodeQL GitHub workflow @makubacki (#133)
  
  Change Details

    Adds a new workflow that is synced to Mu repos that are currently expected to run against CodeQL.

  This workflow has the following features to support
  maintainability across the repos it is synced to:

  • The packages are auto discovered and a dynamic matrix
    is generated for each package build. This allows the
    same file to work as-is in each repo that performs
    CI builds (packages are in the repo root directory).

  • The Mu Basecore plugin directory is auto discovered
    in the workspace based on the presence of the CodeQL
    plugin being present in the directory.

  • The operations supported by the Stuart CI script are
    dynamically discovered.

  • CodeQL is only run on Windows agents. There is a known
    issue when building edk2-style code on Linux so this
    avoids encountering that issue.

    See: github/codeql-action#1338

  • The Windows CodeQL CLI package is about 260MB at this time.

    The GitHub Action cache is used by this workflow to cache
    the CLI after it is initially pulled down in the Stuart ext
    dep update.

  • The CLI ext dep directory name and version used for caching
    are read from the ext_dep YAML file to reduce maintenance
    needed in the workflow if the file changes in the future.

  Note that the SARIF file for each run is uploaded as a per-package
  artifact. These can be downloaded and opened in VS Code with the
  SARIF Viewer extension to view issues locally with the ability
  to click to issue locations in files.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync/Version.njk: Update Mu repos to Mu DevOps v2.2.0 @makubacki (#130)
  
  Change Details

    Changes since last release: https://github.com/microsoft/mu_devops/compare/v2.0.1...v2.2.0

  General release info: https://github.com/microsoft/mu_devops/releases
  

  
  

  ---

  
  

• .sync/dependabot: Do not update microsoft/mu\_devops in Actions updates @makubacki (#129)
  
  Change Details

    The version is centrally managed in mu_devops and pushed to other repos in file syncs. Therefore, dependabot does not need to manage the version independently in respective repos.

  Signed-off-by: Michael Kubacki [email protected]

    </blockquote>
    <hr>
  </details>
  

• GitHub Action: Bump microsoft/mu\_devops from 2.0.1 to 2.1.0 @dependabot (#125)
  
  Change Details

    Bumps [microsoft/mu_devops](https://github.com/microsoft/mu_devops) from 2.0.1 to 2.1.0.

  Release notes

  Sourced from microsoft/mu_devops's releases.

  v2.1.0

  What's Changed

  🚀 Features & ✨ Enhancements

  Signed-off-by: Michael Kubacki [email protected]

  📖 Documentation Updates

  Signed-off-by: Michael Kubacki [email protected]

    </blockquote>
    <hr>
  </details>
  

  Full Changelog: v2.0.2...v2.1.0

  v2.0.2

  What's Changed

  ... (truncated)

  Commits

  • bcace84 .sync/workflows/leaf: Add PR formatting validator workflow (#118)
  • fe730bb PullRequests.github-issues: Remove uefibot and ProjectMuBot from human PRs (#...
  • 883f72d .sync/azure_pipelines: Switch from microdnf to dnf (#115)
  • badf2c8 Repo File Sync: synced file(s) with microsoft/mu_devops (#114)
  • See full diff in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  ---

Full Changelog: v2.2.0...v2.2.1

v2.2.0

What's Changed

• Remove link to Microsoft security policy for Project Mu repos @spbrogan (#123)
  
  Change Details

    In the "new" issues menu there was a link for Microsoft's Security Policy. This is no longer accurate and now each repo has been updated with a valid SECURITY.MD file.

  ---

🚀 Features & ✨ Enhancements

• release-draft-config.yml: Add breaking changes section @makubacki (#120)
  
  Change Details

    Closes #119

  Breaking changes are identified with the GitHub label:
  impact:breaking-change

  Prior to this change, that label rolled the major version of the
  repo.

  Now, the label also places corresponding changes into a "Breaking
  Changes" section of the release notes so it is easy for consumers
  to see breaking changes in a release.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.1.0...v2.2.0

v2.1.0

What's Changed

🚀 Features & ✨ Enhancements

• .sync/workflows/leaf: Add PR formatting validator workflow @makubacki (#118)
  
  Change Details

    Adds a new workflow to validate pull request formatting.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

📖 Documentation Updates

• PullRequests.github-issues: Remove uefibot and ProjectMuBot from human PRs @makubacki (#116)
  
  Change Details

    Add the bot accounts to those excluded from the "PRs opened by humans" section in the notebook.

  Signed-off-by: Michael Kubacki [email protected]

    </blockquote>
    <hr>
  </details>
  

Full Changelog: v2.0.2...v2.1.0

v2.0.2

What's Changed

• .sync/azure\_pipelines: Switch from microdnf to dnf @makubacki (#115)
  
  Change Details

    The following commit in tianocore/containers switched from `microdnf` to `dnf` since `microdnf` is no longer available in the Fedora 35 minimal base image.

  tianocore/containers@3487a34

  Therefore, microdnf will currently fail (not found). This change
  updates code using the Fedora 35 container image to switch to dnf.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.0.1...v2.0.2

v2.0.1

What's Changed

• .sync/Version.njk: Update Mu repos to Mu DevOps v2.0.1
  
  Change Details

    Changes since last release: https://github.com/microsoft/mu_devops/compare/v1.7.4...v2.0.1

  General release Info: https://github.com/microsoft/mu_devops/releases

  An important change in this release is reverting the label workflow
  from v2.6 to v2.5 to resolve a regression:

  #110

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync/Files.yml: Sync release drafter config file #109
  
  Change Details

    Fixes #108

  Commit 6e00a3d added file sync for the release drafter flow to
  Project Mu platform and feature repos. However, the config file
  used by the workflow must be local to the repo, so it needs to
  be synced as well.

  This change syncs the config file.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

🐛 Bug Fixes

• Revert "GitHub Action: Bump github/issue-labeler from 2.5 to 2.6 (#98)" @makubacki (#110)
  
  Change Details

    Reverts commit 6678c19

  This update is causing failures to be returned from the action
  due to attempting to remove labels that do not exist.

  Make an update plan separately and update in the future.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• Re-introduce workaround to fix ADO path names for PR eval @cfernald (#112)
  
  Change Details

    Adds a work-around to the naming provided by System.PullRequest.targetBranch on ADO repos by stripping the refs/heads/ from the path since that makes it unrecognizable to git for the git diff used by stuart_pr_eval.

  ---

Full Changelog: v2.0.0...v2.0.1

v2.0.0

What's Changed

🚀 Features & ✨ Enhancements

• Add NuGet publishing @makubacki (#40)
  
  Change Details

    Introduces the ability to publish NuGet package releases from Project Mu repos.

  Also includes changes to publish artifacts by type to more cleanly
  control how they are produced & consumed - binaries, logs, and other.

  Integration Notes

  This commit updates the major version of mu_devops. This means it
  might require integration work that will result in a repo build
  breaking unless performed.

  • Artifacts are now published under three separate categories of "binaries",
  • "logs", and "other"
    • Previously all artifacts were published under "Build Logs $(System.JobName)"
    • Any flows dependent on artifact names will need to be updated
    • Three new templates are provided for reusable publishing of content in these categories:
      1. Steps/BinaryCopyAndPublish.yml
      2. Steps/CommonLogCopyAndPublish.yml
      3. Steps/OtherCopyAndPublish.yml
  • Steps/PrGate.yml has a new template parameter - artifacts_identifier
    • This can be used to adjust the name assigned to artifacts so it makes the
      most sense for a given platform
      • The default value is an empty string
      • For most platforms, it is recommended to pass the package name and build target
  • Steps/PrGate.yml has new template parameters to control the binary and other
    content published.
    • The default value for both is an empty string

  Non-Breaking Change Notes

  • There is a new step template to easily publish content from the three artifact
    categories of a given pipeline to NuGet (Steps/NuGet.yml).
    • It is a step template so it can easily access file content already on the job
      build agent.
    • It provides the ability to select which categories of artifacts are published.
  • There is a new job template to generate a build matrix. This is tailored toward
    firmware build scenarios that involve groups of packages that are built
    together on a single agent and others that are individually built on a dedicated agent.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

🐛 Bug Fixes

• .sync/SECURITY.md: Fix markdownlint errors @makubacki (#106)
  
  Change Details

    The following errors were raised in https://github.com/microsoft/mu and resolved in this change:

  • SECURITY.md:11 MD012/no-multiple-blanks Multiple consecutive blank lines
    [Expected: 1; Actual: 2]
  • SECURITY.md:22:84 MD009/no-trailing-spaces Trailing spaces
    [Expected: 0 or 2; Actual: 1]
  • SECURITY.md:34 MD012/no-multiple-blanks Multiple consecutive blank lines
    [Expected: 1; Actual: 2]

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v1.8.0...v2.0.0

v1.8.0

What's Changed

🚀 Features & ✨ Enhancements

• .sync/Files.yml: Sync release drafter to feature and platform repos @makubacki (#97)
  
  Change Details

    Adds automated release drafting to the following repos: - microsoft/mu_crypto_release - microsoft/mu_feature_config - microsoft/mu_feature_dfci - microsoft/mu_feature_ipmi - microsoft/mu_feature_mm_supv - microsoft/mu_feature_uefi_variable - microsoft/mu_tiano_platforms

  This was previously piloted in mu_devops.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v1.7.4...v1.8.0

v1.7.4

What's Changed

• .sync/Version.njk: Update Mu repos to Mu DevOps v1.7.4 @makubacki (#104)
  
  Change Details

    Changes since last release: https://github.com/microsoft/mu_devops/compare/v1.4.2...v1.7.4

  General release Info: https://github.com/microsoft/mu_devops/releases

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v1.7.3...v1.7.4

v1.7.3

What's Changed

📖 Documentation Updates

• Add security policy for file syncing @spbrogan (#103)
  
  Change Details

   

  ---

Full Changelog: v1.7.2...v1.7.3