Closed 0GiS0 closed 5 months ago
Hi again!
First issue was solved but It still not working. I modified the error message a little bit and It seems the System.AccessToken doesn't have the right permissions to call ProjectAnalysis:LanguageMetrics
##[debug]Evaluating condition for step: 'AdvancedSecurityCodeQLAutoconfig'
##[debug]Evaluating: SucceededNode()
##[debug]Evaluating SucceededNode:
##[debug]=> True
##[debug]Result: True
Starting: AdvancedSecurityCodeQLAutoconfig
==============================================================================
Task : Advanced Security CodeQL Autoconfigurator
Description : Sets Variables and automatically configures CodeQL for use in the pipeline
Version : 0.1.13
Author : Microsoft Corporation
Help : https://aka.ms/advanced-security/code-scanning/detection
==============================================================================
##[debug]Using node path: /home/vsts/agents/3.236.1/externals/node/bin/node
##[debug]agent.TempDirectory=/home/vsts/work/_temp
##[debug]loading inputs and endpoints
##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
##[debug]loading SECRET_SYSTEM_ACCESSTOKEN
##[debug]loaded 4
##[debug]Agent.ProxyUrl=undefined
##[debug]Agent.CAInfo=undefined
##[debug]Agent.ClientCert=undefined
##[debug]Agent.SkipCertValidation=undefined
##[debug]Agent.ToolsDirectory=/opt/hostedtoolcache
Tool Cache Directory: /opt/hostedtoolcache
##[debug]Agent.ToolsDirectory=/opt/hostedtoolcache
##[debug]Agent.ToolsDirectory=/opt/hostedtoolcache
##[debug]System.CollectionUri=https://dev.azure.com/returngisorg/
##[debug]System.TeamProjectId=f065fad0-13d3-4d58-b61a-ce3fdb0165c5
##[debug]Build.Repository.ID=715536d8-b2c9-453b-a27a-c8931e82be01
##[debug]set AdvancedSecurity.CodeQL.Autoconfig=failed
##[debug]Processed: ##vso[task.setvariable variable=AdvancedSecurity.CodeQL.Autoconfig;isOutput=false;issecret=false;]failed
##[debug]System.AccessToken=***
Token: ***
Using Project f065fad0-13d3-4d58-b61a-ce3fdb0165c5
##[debug]set AdvancedSecurity.CodeQL.Autoconfig=failed
##[debug]Processed: ##vso[task.setvariable variable=AdvancedSecurity.CodeQL.Autoconfig;isOutput=false;issecret=false;]failed
CodeQL Autoconfig failed with error: Error: Access Denied: 4922da13-6f02-44b8-9c75-9e9c355e4858 needs the following permission(s) on the resource ProjectAnalysis:LanguageMetrics:f065fad0-13d3-4d58-b61a-ce3fdb0165c5 to perform this action: View Project Analysis language metrics data
Finishing: AdvancedSecurityCodeQLAutoconfig
Any thoughts on this?
// cc @ncouraud
Thanks again!
I was getting the same error:
message: 'Access Denied: bbb480c8-6d40-4635-b3c5-bea9d32a33e1 needs the following permission(s) on the resource ProjectAnalysis:LanguageMetrics:e67087a7-e72d-4562-8713-049881d236a5 to perform this action: View Project Analysis language metrics data',
typeName: 'Microsoft.VisualStudio.Services.Security.AccessCheckException, Microsoft.VisualStudio.Services.WebApi',
Looking up that api showed we need a permission Contributors
have. My fix was to add the project build account to the project contributor group:
I was getting the same error:
message: 'Access Denied: bbb480c8-6d40-4635-b3c5-bea9d32a33e1 needs the following permission(s) on the resource ProjectAnalysis:LanguageMetrics:e67087a7-e72d-4562-8713-049881d236a5 to perform this action: View Project Analysis language metrics data', typeName: 'Microsoft.VisualStudio.Services.Security.AccessCheckException, Microsoft.VisualStudio.Services.WebApi',
Looking up that api showed we need a permission
Contributors
have. My fix was to add the project build account to the project contributor group:
Hi @felickz ! Thank you so much for your answer but are you using your own self-hosted agent or Microsoft hosted agents?
Hi all,
Thank you so much for this repo! I'm trying to use codeql-autosetup but I get an error:
Before add this task to the marketplace I run
npm install
andtsc
inside of the src/extensions/codeql-autosetup/buildandreleasetask folder to make sure it has the node_modules in place but still I get this error.Did I miss something?
Thank you so much!