ShiftLeftSecurity / scan-action

https://slscan.io/
MIT License

Duplicated code scanning alerts #28

Open joshjohanning opened 3 years ago

joshjohanning commented 3 years ago

When I run the code scan action, it finds 19 results:

But when I look in Security --> Code Scanning Alerts, I see 38 open alerts.

Am I missing anything? I'm running the stock code scan template.

prabhu commented 3 years ago

Hi @soccerjoshj07, this is a strange issue indeed! Are there any subtle differences, such as IDs or branch names?

joshjohanning commented 3 years ago

I believe they are the same ID and I am only looking at the main branch. See a screenshot for examples:

Opening one of the matched issues up, they are identical.

I have the same thing happening on a public repository I own that I could add you to if you want: the code scanning results posted to the pull request say there are 13 issues, but the "code scanning alerts" page states 26.

prabhu commented 3 years ago

@soccerjoshj07 Please share the public repo so that I can test and fix this.

joshjohanning commented 3 years ago

@prabhu https://github.com/soccerjoshj07/azdo-terraform-tailspin

Let me know if you need any permissions in there.

prabhu commented 3 years ago

Found the issue. It is invoking the same tool twice, once for terraform and once for yaml. I will fix this tonight, but meanwhile, as a workaround, you can specify the type here:

https://github.com/soccerjoshj07/azdo-terraform-tailspin/blob/master/.github/workflows/shiftleft-analysis.yml#L31

type: credscan,terraform
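
As an added example (not code from the scan-action project or from anyone in this thread): a small pre-upload check over a SARIF report that makes the symptom above visible in the job log. It counts results across all runs in the file, flags any result that appears more than once, and drops the repeats while keeping the first copy. The sample SARIF is constructed inline to mimic the situation described here (one tool, two identical runs over the same files); the scanner name, rule IDs and file paths are made up, and the identity key (partialFingerprints when present, otherwise rule ID, file, line and message text) is my own choice, not something scan-action or GitHub is documented to do.

```python
"""Count and drop duplicate SARIF results before a report is uploaded as alerts."""
import json
from collections import Counter

# Constructed sample: two SARIF runs from the same tool, as if it had been
# invoked once for "terraform" and once for "yaml" over the same files.
# Tool name, rule IDs and paths are invented; this is not real scan-action output.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [
        {
            "tool": {"driver": {"name": "example-iac-scanner"}},
            "results": [
                {
                    "ruleId": "EXAMPLE-001",
                    "message": {"text": "Example finding A"},
                    "locations": [{"physicalLocation": {
                        "artifactLocation": {"uri": "terraform/main.tf"},
                        "region": {"startLine": 12}}}],
                },
                {
                    "ruleId": "EXAMPLE-002",
                    "message": {"text": "Example finding B"},
                    "locations": [{"physicalLocation": {
                        "artifactLocation": {"uri": "terraform/variables.tf"},
                        "region": {"startLine": 3}}}],
                },
            ],
        },
    ],
}
# The second run is a verbatim copy of the first: same tool, same files, same findings.
SAMPLE_SARIF["runs"].append(json.loads(json.dumps(SAMPLE_SARIF["runs"][0])))


def result_key(result):
    """Identity of one result.

    Uses partialFingerprints when the tool emitted them (that is what the SARIF
    spec provides them for); otherwise falls back to rule ID, first location
    (file + start line) and message text. This key is an assumption of this
    example, not the rule GitHub code scanning applies.
    """
    fps = result.get("partialFingerprints")
    if fps:
        return ("fp", result.get("ruleId"), tuple(sorted(fps.items())))
    loc = {}
    if result.get("locations"):
        loc = result["locations"][0].get("physicalLocation", {})
    uri = loc.get("artifactLocation", {}).get("uri")
    line = loc.get("region", {}).get("startLine")
    text = result.get("message", {}).get("text")
    return ("loc", result.get("ruleId"), uri, line, text)


def all_keys(sarif):
    """Keys of every result in every run, in file order."""
    return [result_key(r) for run in sarif.get("runs", []) for r in run.get("results", [])]


def count_results(sarif):
    """Return (total, unique) result counts across all runs."""
    keys = all_keys(sarif)
    return len(keys), len(set(keys))


def duplicate_keys(sarif):
    """Map each key that occurs more than once to its occurrence count."""
    return {k: n for k, n in Counter(all_keys(sarif)).items() if n > 1}


def dedupe(sarif):
    """Return a copy of the log with repeated results removed (first copy wins).

    Runs are kept even when emptied so tool metadata survives in the report.
    """
    out = json.loads(json.dumps(sarif))
    seen = set()
    for run in out.get("runs", []):
        kept = []
        for r in run.get("results", []):
            k = result_key(r)
            if k not in seen:
                seen.add(k)
                kept.append(r)
        run["results"] = kept
    return out


if __name__ == "__main__":
    total, unique = count_results(SAMPLE_SARIF)
    print(f"{total} results, {unique} unique")
    for k, n in duplicate_keys(SAMPLE_SARIF).items():
        print(f"  x{n}: {k}")
    print("after dedupe:", count_results(dedupe(SAMPLE_SARIF)))
```

Running this over the report a workflow is about to upload prints the total against the unique count, so a doubled report stands out in the job log before anyone opens the alerts page. Setting `type:` as shown above remains the real fix, since it stops the second invocation rather than hiding its output.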

joshjohanning commented 3 years ago

Nice! Awesome, thank you.