github / codeql-action

Actions for running CodeQL analysis
MIT License

Sarif file uploading results fail v2 for `@microsoft/eslint-formatter-sarif` #1061

Closed Abdelhamid-Ibrahim closed 1 year ago

Abdelhamid-Ibrahim commented 2 years ago

CodeQl upload action is always failing with the following

Error: Path does not exist: results.sarif
Error: Path does not exist: results.sarif
    at getSarifFilePaths (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:152:15)
    at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:140:30)
    at run (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:51:47)
    at async runWrapper (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:69:9)

Action

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# ESLint is a tool for identifying and reporting on patterns
# found in ECMAScript/JavaScript code.
# More details at https://github.com/eslint/eslint
# and https://eslint.org

name: ESLint

on:
  push:
    branches: [ main ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ main ]
  schedule:
    - cron: '24 7 * * 1'

jobs:
  eslint:
    name: Run eslint scanning
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Install ESLint
        run: |
          npm install eslint@8.10.0
          npm install @microsoft/eslint-formatter-sarif@2.1.7

      - name: Run ESLint
        run: npx eslint .
          --config .eslintrc.js
          --ext .js,.jsx,.ts,.tsx
          --format @microsoft/eslint-formatter-sarif 
          --output-file eslint-results.sarif
        continue-on-error: true

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v2
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: results.sarif
alexet commented 2 years ago

It looks like your ESLint command creates a sarif file called eslint-results.sarif but the upload is looking for results.sarif. Perhaps the upload part should be:

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v2
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: eslint-results.sarif
Abdelhamid-Ibrahim commented 2 years ago

@alexet changed it, but got

Error: codeql/upload-sarif action failed: HttpError: Resource not accessible by integration
RequestError [HttpError]: Resource not accessible by integration
    at /home/runner/work/_actions/github/codeql-action/v1/node_modules/@octokit/request/dist-node/index.js:66:23
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Job.doExecute (/home/runner/work/_actions/github/codeql-action/v1/node_modules/bottleneck/light.js:405:18) {
  status: 403,
  headers: {
    'access-control-allow-origin': '*',
    'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
    connection: 'close',
    'content-encoding': 'gzip',
    'content-security-policy': "default-src 'none'",
    'content-type': 'application/json; charset=utf-8',
    date: 'Tue, 17 May 2022 09:48:21 GMT',
    'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
    server: 'GitHub.com',
    'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
    'transfer-encoding': 'chunked',
    vary: 'Accept-Encoding, Accept, X-Requested-With',
    'x-content-type-options': 'nosniff',
    'x-frame-options': 'deny',
    'x-github-media-type': 'github.v3; format=json',
    'x-github-request-id': '0500:7059:2C7BF3:864B12:62836F65',
    'x-ratelimit-limit': '15000',
    'x-ratelimit-remaining': '14975',
    'x-ratelimit-reset': '1652782854',
    'x-ratelimit-resource': 'core',
    'x-ratelimit-used': '25',
    'x-xss-protection': '0'
  },
  request: {
    method: 'GET',
    url: 'https://api.github.com/repos/*****/*****/actions/runs/2337759378?exclude_pull_requests=true',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'CodeQL-Action/1.1.10 octokit-core.js/3.1.2 Node.js/12.22.7 (linux; x64)',
      authorization: 'token [REDACTED]'
    },
    request: { agent: [Agent], hook: [Function: bound bound register] }
  },
  documentation_url: 'https://docs.github.com/rest/reference/actions#get-a-workflow-run'
}
aeisenberg commented 2 years ago

When you get that error message, it's usually because your permissions block is incorrect.

I see you have permissions: write-all, which should work. However, this is actually a little overly broad. Here is our suggestion (from the README.md in this repo):

    permissions:
      # required for all workflows
      security-events: write

      # only required for workflows in private repositories
      actions: read
      contents: read

I recommend that you check your security permissions block.

AntonioFalcaoJr commented 2 years ago

What am I missing guys? status 422

Uploading results
  Processing sarif files: ["results.sarif"]
  Uploading results
  Error: Invalid request.

  1 item required; only 0 were supplied.
  RequestError [HttpError]: Invalid request.

  1 item required; only 0 were supplied.
      at /home/runner/work/_actions/github/codeql-action/v2/node_modules/@octokit/request/dist-node/index.js:66:23
      at processTicksAndRejections (node:internal/process/task_queues:96:5)
      at async Job.doExecute (/home/runner/work/_actions/github/codeql-action/v2/node_modules/bottleneck/light.js:405:18) {
    status: 422,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
      connection: 'close',
      'content-length': '123',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Mon, 03 Oct 2022 23:55:08 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
      vary: 'Accept-Encoding, Accept, X-Requested-With',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-media-type': 'github.v3; format=json',
      'x-github-request-id': '05C7:0DC0:958E6A:9A3278:633B765C',
      'x-ratelimit-limit': '1000',
      'x-ratelimit-remaining': '997',
      'x-ratelimit-reset': '1664844158',
      'x-ratelimit-resource': 'code_scanning_upload',
      'x-ratelimit-used': '3',
      'x-xss-protection': '0'
    },
    request: {
      method: 'PUT',
      url: 'https://api.github.com/repos/AntonioFalcaoJr/EDA.CleanArch.DDD.CQRS.EventSourcing/code-scanning/analysis',
      headers: {
        accept: 'application/vnd.github.v3+json',
        'user-agent': 'CodeQL-Action/2.1.26 octokit-core.js/3.1.2 Node.js/16.13.0 (linux; x64)',
        authorization: 'token [REDACTED]',
        'content-type': 'application/json; charset=utf-8'
      },
      body: '{"commit_oid":"eb7aa25927e73cef181b5cc85ce699f4604d49cf","ref":"refs/heads/improvment/responsibilities-split","analysis_key":".github/workflows/account.yaml:analyze","analysis_name":"Account","sarif":"H4sIAAAAAAAAA6tWKkstKs7Mz1OyUjLSM9QzUNJRKirNK1ayio6tBQBSlZKzHQAAAA==","workflow_run_id":3178322226,"checkout_uri":"file:///home/runner/work/EDA.CleanArch.DDD.CQRS.EventSourcing/EDA.CleanArch.DDD.CQRS.EventSourcing","environment":"null","started_at":"2022-10-03T23:55:06.980Z","tool_names":[]}',
      request: { agent: [Agent], hook: [Function: bound bound register] }
    },
    documentation_url: 'https://docs.github.com/rest'
  }
aeisenberg commented 2 years ago

The 422 error typically means that the sarif file you are uploading is syntactically correct, but semantically malformed. I would recommend that you add a new step to your workflow that simply runs cat on the results file. Take a look at the contents and feel free to paste them here as a comment. My guess is that codacy is creating a sarif file that is missing some crucial information.

OliverBhm commented 2 years ago

I've got the same issue, I just use the default action created by the template:

# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# ESLint is a tool for identifying and reporting on patterns
# found in ECMAScript/JavaScript code.
# More details at https://github.com/eslint/eslint
# and https://eslint.org

name: ESLint

on:
  push:
    branches: [ "main" ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ "main" ]
  schedule:
    - cron: '26 23 * * 0'

jobs:
  eslint:
    name: Run eslint scanning
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status 
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Install ESLint
        run: |
          npm install eslint@8.10.0
          npm install @microsoft/eslint-formatter-sarif@2.1.7

      - name: Run ESLint
        run: npx eslint .
          --config .eslintrc.js
          --ext .js,.jsx,.ts,.tsx
          --format @microsoft/eslint-formatter-sarif 
          --output-file eslint-results.sarif
        continue-on-error: true

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: eslint-results.sarif
          wait-for-processing: true
aeisenberg commented 2 years ago

It's hard to tell what is going on here without more information. Can you insert a step like this, between the run and upload steps:

- run: | 
      cat eslint-results.sarif

And paste or attach the contents of the file? Also, include the complete error message produced by your workflow run.

AliMD commented 2 years ago

Same issue after yarn upgrade!

{
    "property": "instance.runs[0].results[4].suppressions",
    "message": "contains duplicate item",
    "schema": {
      "description": "A set of suppressions relevant to this result.",
      "type": "array",
      "minItems": 0,
      "uniqueItems": true,
      "items": {
        "$ref": "#/definitions/suppression"
      }
    },
    "instance": [
      {
        "kind": "inSource",
        "justification": ""
      },
      {
        "kind": "inSource",
        "justification": ""
      }
    ],
    "name": "uniqueItems",
    "stack": "instance.runs[0].results[4].suppressions contains duplicate item"
  }
Error: Unable to upload "eslint-results.sarif" as it is not valid SARIF:
OliverBhm commented 2 years ago

It's hard to tell what is going on here without more information. Can you insert a step like this, between the run and upload steps:

- run: |
      cat eslint-results.sarif

And paste or attach the contents of the file? Also, include the complete error message produced by your workflow run.

I did and got the error message:

cat: eslint-results.sarif: No such file or directory
Error: Process completed with exit code 1.
aeisenberg commented 2 years ago

hmmm...not sure why the sarif is not able to be found. Can you try running the npx eslint command from your workflow locally and attaching the sarif that gets produced? There is something in that file that code scanning is not able to process.

Letgamer commented 1 year ago

Hey guys, I got the same issue using the default eslint action, but I got a similar error:

Error: Path does not exist: eslint-results.sarif
Error: Path does not exist: eslint-results.sarif
    at getSarifFilePaths (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:137:15)
    at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:132:30)
    at run (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:46:47)
    at async runWrapper (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:68:9)

This is the eslint.yml:

jobs:
  eslint:
    name: Run eslint scanning
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Install ESLint
        run: |
          npm install eslint@8.10.0
          npm install @microsoft/eslint-formatter-sarif@2.1.7
      - name: Run ESLint
        run: npx eslint .
          --config .eslintrc.js
          --ext .js,.jsx,.ts,.tsx
          --format @microsoft/eslint-formatter-sarif
          --output-file eslint-results.sarif
        continue-on-error: true

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: eslint-results.sarif
          wait-for-processing: true 
aeisenberg commented 1 year ago

@Letgamer, please make sure that the sarif file is actually being generated. See my comment above on how you can do that. https://github.com/github/codeql-action/issues/1061#issuecomment-1268507384. If the file is not being generated, then that is probably something with @microsoft/eslint-formatter-sarif.

brunolnetto commented 1 year ago

Same as @Letgamer. This below error log happened for a NodeJS project. Sad, but intriguing:

> Run cat eslint-results.sarif
cat: eslint-results.sarif: No such file or directory

I ended up running the required command on a Linux terminal. I discovered the following facts:

  1. File .eslintrc MUST be CommonJS i.e. .cjs. It means, its content is the classical module.exports = {key: "value"};
  2. For a javascript project, the package @microsoft/eslint-formatter-sarif is required. It means, run the command npm i --save-dev @microsoft/eslint-formatter-sarif.
dirien commented 1 year ago

hi,

I want to add my error message, as I am not sure to open an extra issue for it.

Processing sarif files: ["results.sarif"]
  Error: Unexpected token g in JSON at position 0
  SyntaxError: Unexpected token g in JSON at position 0
      at JSON.parse (<anonymous>)
      at validateSarifFileSchema (/home/runner/work/_actions/github/codeql-action/959cbb7472c4d4ad70cdfe6f4976053fe48ab394/lib/upload-lib.js:176:24)
      at uploadFiles (/home/runner/work/_actions/github/codeql-action/959cbb7472c4d4ad70cdfe6f4976053fe48ab394/lib/upload-lib.js:238:9)
      at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/959cbb7472c4d4ad70cdfe6f4976053fe48ab394/lib/upload-lib.js:132:18)
      at async run (/home/runner/work/_actions/github/codeql-action/959cbb7472c4d4ad70cdfe6f4976053fe48ab394/lib/upload-sarif-action.js:46:30)
      at async runWrapper (/home/runner/work/_actions/github/codeql-action/959cbb7472c4d4ad70cdfe6f4976053fe48ab394/lib/upload-sarif-action.js:68:9)
brunolnetto commented 1 year ago

The string Unexpected token g in JSON at position 0 appears twice on the error log. It means, there is some weird token at file results.sarif. I suggest you to generate it locally and see the file content.

brunolnetto commented 1 year ago

A wild error log appears:

Error: Unable to upload "eslint-results.sarif" as it is not valid SARIF:
- instance.runs[0].tool.driver.rules[10].helpUri does not conform to the "uri" format

Source: https://github.com/quivero/prego/actions/runs/3772750507/jobs/6413851058

aeisenberg commented 1 year ago

You can see that the sarif file is invalid.

    "helpUri": "Please see details in message",

There is not much we can do about this since it is a problem with @microsoft/eslint-formatter-sarif.

aeisenberg commented 1 year ago

@brunolnetto, thanks for exploring the issue and posting a workaround.

brunolnetto commented 1 year ago

I gave up of this action and opted to use pre-commit actions. They are great!

aeisenberg commented 1 year ago

I am going to close this issue since there are a number of different root causes and none seem to be directly with codeql-action.

If you are seeing something similar in the future, please open a new issue.

brunolnetto commented 1 year ago

🖖 I managed to use pre-commit hooks and their ci bot. They are much better than this action...

dirien commented 1 year ago

@brunolnetto care to share a link to some code?

brunolnetto commented 1 year ago

Sure. I can offer you my pre-commit setup on repository in:

  1. Javascript: /trouchet/sappio;
  2. Python /trouchet/appy and /quivero/eule

Take a look on respective yaml files. After pushing this file to (main|master) branch, do not forget to register the repository on CI engine: https://pre-commit.ci/