Open brylie opened 7 months ago
https://github.com/facebook/sapp/blob/54cf5f125a929644683cbe96da994698b43d05b8/sapp/ui/filters.py#L249
Looking at the error message
    Error: -28 07:15:33,722 [ERROR] Total number of issues after filtering: 0
    Run actions/upload-artifact@v2
    With the provided path, there will be 1 file uploaded
    Starting artifact upload
    For more detailed logs during the artifact upload process, enable step-debugging: https://docs.github.com/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging
    Artifact name is valid!
    Container for artifact "SARIF Results" successfully created. Starting upload of file(s)
    Total size of all the files uploaded is 0 bytes
My hypothesis is that when 0 issues are found, the code emits an error (even though 0 issues found is technically valid), and leads to an empty file sarif.json instead of perhaps a sarif.json that contains just {} or something to signify no issues.
    total_filtered_issues_output = (
        f"Total number of issues after filtering: {len(query_results)}"
    )
    if len(query_results) <= 0:
        LOG.error(total_filtered_issues_output)
        return
    else:
        LOG.info(total_filtered_issues_output)
    if output_format == "sapp":
        output_json = {"issues": [issue.to_json() for issue in query_results]}
        print(json.dumps(output_json, indent=2, default=str))
    elif output_format == "sarif":
        sarif_output = SARIF(context.tool, session, query_results)
        print(sarif_output.to_json())
So in your case, 0 security issues were found (did you define sources and sinks like explained here? https://pyre-check.org/docs/pysa-basics/#sources ) and that seemed to have caused the error, but it shouldn't have. The error was in the final step uploading the found results.
I’ll double check the configuration. But, it does make sense that the pipeline shouldn’t fail when zero issues are detected.
https://github.com/WesternFriend/westernfriend.org/actions/runs/7684163911/job/20940323308
Originally posted by @brylie in https://github.com/facebook/pysa-action/issues/5#issuecomment-1913483420
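
An added example, not part of the original issue or of sapp's code: one way the zero-issue case discussed above could be handled so that the uploaded file is never 0 bytes. SARIF 2.1.0 expresses a clean run as a log whose `results` array is empty; the function names, the `pysa` default tool name and the issue dict keys (`code`, `message`, `filename`, `line`) are assumptions made for illustration.

```python
import json
import logging

LOG = logging.getLogger("filter_output_example")
SARIF_SCHEMA = "https://json.schemastore.org/sarif-2.1.0.json"


def render_issues(issues, output_format, tool_name="pysa"):
    """Serialize filtered issues; `issues` holds dicts (hypothetical stand-ins for sapp rows)."""
    # Zero issues is a valid outcome: log at INFO and still emit a document.
    LOG.info("Total number of issues after filtering: %d", len(issues))
    if output_format == "sapp":
        return json.dumps({"issues": issues}, indent=2, default=str)
    if output_format != "sarif":
        raise ValueError(f"unknown output format: {output_format}")
    results = [
        {
            "ruleId": str(issue["code"]),
            "level": "warning",
            "message": {"text": issue["message"]},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": issue["filename"]},
                "region": {"startLine": issue["line"]},
            }}],
        }
        for issue in issues
    ]
    log = {
        "$schema": SARIF_SCHEMA,
        "version": "2.1.0",
        "runs": [{"tool": {"driver": {"name": tool_name}}, "results": results}],
    }
    return json.dumps(log, indent=2)


def is_uploadable_sarif(text):
    """CI-side guard: reject a 0-byte or bare `{}` file, accept a log with zero results."""
    try:
        log = json.loads(text)
    except json.JSONDecodeError:
        return False
    runs = log.get("runs") if isinstance(log, dict) else None
    if not isinstance(runs, list) or not runs or log.get("version") != "2.1.0":
        return False
    return all(isinstance(r, dict) and isinstance(r.get("results"), list) for r in runs)
```

A pipeline step can call `is_uploadable_sarif` on the contents of `sarif.json` before the upload step, so an empty file is caught where it is produced rather than at upload time.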