IaC Extractor: Windows Support#237
IaC Extractor: Windows Support#237dilanbhalla wants to merge 3 commits intoadvanced-security:mainfrom
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds Windows support to the CodeQL IAC extractor by creating PowerShell equivalents of existing bash scripts and enabling Windows in CI/CD workflows.
- Adds PowerShell scripts for Windows:
create-extractor-pack.ps1,run-tests.ps1, andinstall-extractor.ps1 - Updates CI/CD workflows to include Windows platform in the build matrix
- Updates extractor configuration to support additional file extensions (.tfvars, .bicep) and changes language identifier from "hcl" to "iac"
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
tools/qltest.cmd |
Added .tfvars and .bicep file extensions; changed language from "hcl" to "iac" |
tools/index-files.cmd |
Added "extract" subcommand to extractor invocation |
scripts/run-tests.ps1 |
New PowerShell script for running tests on Windows |
scripts/install-extractor.ps1 |
New PowerShell script for installing extractor on Windows |
scripts/create-extractor-pack.ps1 |
Rewritten PowerShell script with improved structure and error handling |
.github/workflows/publish.yml |
Added Windows to build matrix and fixed typo in "Download" |
.github/workflows/build.yml |
Added Windows to test matrix with platform-specific build and test steps |
Comments suppressed due to low confidence (1)
.github/workflows/build.yml:63
- Corrected spelling of 'extensions' to 'extension'. The command should be 'gh extension install' not 'gh extensions install'.
gh extensions install github/gh-codeql
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| codeql query format -i ql\src\codeql_ql\ast\internal\TreeSitter.qll | ||
| # Check for CodeQL binary | ||
| if (Get-Command "codeql" -ErrorAction SilentlyContinue) { | ||
| $CODEQL_BINARY = "codeql" |
There was a problem hiding this comment.
Inconsistent indentation: Line 8 uses tabs while most other lines in the file use spaces. This line should use spaces to match the rest of the file's indentation style.
| $CODEQL_BINARY = "codeql" | |
| $CODEQL_BINARY = "codeql" |
| gh codeql version 2>&1 | Out-Null | ||
| $CODEQL_BINARY = "gh codeql" | ||
| } | ||
| catch { |
There was a problem hiding this comment.
Inconsistent indentation: Line 15 uses a leading space before 'catch' while other lines use tabs or no leading space. This should be aligned consistently with the surrounding try-catch block.
| catch { | |
| catch { |
| Write-Error "Neither 'codeql' nor 'gh' command found" | ||
| exit 1 |
There was a problem hiding this comment.
Inconsistent indentation: Lines 22-23 use tabs while most other lines in the file use spaces. These lines should use spaces to match the rest of the file's indentation style.
| Write-Error "Neither 'codeql' nor 'gh' command found" | |
| exit 1 | |
| Write-Error "Neither 'codeql' nor 'gh' command found" | |
| exit 1 |
| gh release download ` | ||
| -R "advanced-security/codeql-extractor-$ExtractorName" ` | ||
| -D "$ExtractorLocations" ` | ||
| --clobber ` |
There was a problem hiding this comment.
This line is causing a syntax error and failing
2 participants
Uh oh!
There was an error while loading. Please reload this page.