Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

github/codeql-action/analyze should offer an output for the sarif path #1799

Closed
jsoref opened this issue Jul 25, 2023 · 1 comment · Fixed by #1805
Closed

github/codeql-action/analyze should offer an output for the sarif path #1799

jsoref opened this issue Jul 25, 2023 · 1 comment · Fixed by #1805
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@jsoref
Copy link
Contributor

jsoref commented Jul 25, 2023

There's an input for the output:

codeql-action/analyze/action.yml

Line 4 in 57a11be

inputs:

codeql-action/analyze/action.yml

Lines 8 to 11 in 57a11be

output:
description: The path of the directory in which to save the SARIF results
required: false
default: "../results"

But there is no output for the sarif file path:

codeql-action/analyze/action.yml

Lines 79 to 83 in 57a11be

outputs:
db-locations:
description: A map from language to absolute path for each database created by CodeQL.
sarif-id:
description: The ID of the uploaded SARIF file.

The output file defaults to ../results which isn't accepted by actions/upload-artifact:
https://github.com/jsoref/pdns/actions/runs/5657547911/job/15326842548#step:12:4
https://github.com/jsoref/pdns/actions/runs/5657547911/job/15326842548#step:12:48

Run actions/upload-artifact@v3
  with:
    name: sarif
    path: ../results
    if-no-files-found: warn
...
Error: Invalid pattern '../results'. Relative pathing '.' and '..' is not allowed.
@aeisenberg aeisenberg added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers and removed help wanted Extra attention is needed labels Jul 25, 2023
@aeisenberg
Copy link
Contributor

That's interesting. Have you considered passing in a custom output value for the input to the analyze action and then using that value for upload artifact?

I'm not sure if our team has capacity to look at this right now. However, we'd be willing to accept an external contribution for this.

@jsoref jsoref mentioned this issue Jul 25, 2023
Merged
3 tasks
@aliscco aliscco mentioned this issue May 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add output for analyze action output path jsoref/github-codeql-action
2 participants
@aeisenberg @jsoref