search

microsoft / infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.
MIT License
730 stars 29 forks source link

Error running action: ConfigurationPathNotFoundException #82

Closed rhysmeister closed 2 years ago

rhysmeister commented 2 years ago

Hello,

I get the following error when trying to run this action...

Error: ConfigurationPathNotFoundException: A configuration file could not be found for: /home/runner/work/_actions/dotnet/code-analysis/main/roslynanalyzers-linux.gdnconfig

The full task output is as follows...

with: solution: Consensus\ Project\ Downloader.sln build-breaking: true all-categories: all env: DOTNET_ROOT: /home/runner/.dotnet {"fileVersion":"1.12.0","tools":[{"fileVersion":"1.12.0","tool":{"name":"RoslynAnalyzers","version":"1.12.0"},"arguments":{"CopyLogsOnly":false,"SourcesDirectory":"$(Folders.SourceRepo)","MSBuildVersion":"16.0","CodeAnalysisAssemblyVersion":"3.8.0","SetupCommandlines":"\\"$(VisualStudioInstallDirectory)\Common7\Tools\VsMSBuildCmd.bat\\"","BuildArchitecture":"amd64","BuildCommandlines":"msbuild.exe /p:AnalysisLevel=latest /p:AnalysisMode=all Consensus\ Project\ Downloader.sln","NetAnalyzersRootDirectory":"$(Packages.Microsoft.CodeAnalysis.NetAnalyzers)","CSharpCodeStyleAnalyzersRootDirectory":"$(Packages.Microsoft.CodeAnalysis.CSharp.CodeStyle)","FxCopAnalyzersRootDirectory":"","RulesetPath":"","SdlRulesetVersion":"","TreatWarningsAsErrors":true,"LoggerLevel":"Warning","ForceSuccess":true},"outputExtension":"sarif","successfulExitCodes":[0]}]}

Installing and running analyzers... Warnings and errors will be displayed once the analysis completes.

Installing Microsoft Security Code Analysis Cli... /home/runner/.dotnet/dotnet restore /home/runner/work/_actions/dotnet/code-analysis/main/lib/msca-toolkit/msca-toolkit.proj /p:MscaPackageVersion=0.* --packages /home/runner/work/_msca/versions --source https://api.nuget.org/v3/index.json Determining projects to restore... Restored /home/runner/work/_actions/dotnet/code-analysis/main/lib/msca-toolkit/msca-toolkit.proj (in 739 ms).

/home/runner/work/_msca/versions/microsoft.security.codeanalysis.cli/0.100.0/tools/guardian init --force Init: Creating guardian repo at: /home/runner/work/The99PercentProject/The99PercentProject Created a settings file at: /home/runner/work/The99PercentProject/The99PercentProject/.gdn/.gdnsettings Added /home/runner/work/The99PercentProject/The99PercentProject/.gdn/.gitignore file to ignore internal files. Please commit this file. Guardian repository created at: /home/runner/work/The99PercentProject/The99PercentProject/.gdn Please commit everything in the .gdn folder to source control. You can now use "guardian run" to run tools. /home/runner/work/_msca/versions/microsoft.security.codeanalysis.cli/0.100.0/tools/guardian run -c /home/runner/work/_actions/dotnet/code-analysis/main/roslynanalyzers.gdnconfig --no-policy --logger-level Warning --export-breaking-results-to-file /home/runner/work/The99PercentProject/The99PercentProject/.gdn/analysis_results.sarif Error: ConfigurationPathNotFoundException: A configuration file could not be found for: /home/runner/work/_actions/dotnet/code-analysis/main/roslynanalyzers-linux.gdnconfig

xinshiMSFT commented 2 years ago

Hi, it looks like the error came from Roslyn Analyzers, not us. Can you elaborate how you ran this?

rhysmeister commented 2 years ago

Hi @xinshiMSFT ,

In Github Actions on ubuntu-20.04 like so...

      - name: Run Infer#
        uses: microsoft/infersharpaction@v1.2
        with:
          binary-path: /home/runner/work/The99PercentProject/The99PercentProject/Consensus\ Project\ Downloader/bin/Debug/netcoreapp3.1

Attempted with dotnet version 5 and 3.1 with the same result.

With a few variations on the path.

Cheers,

Rhys

xinshiMSFT commented 2 years ago

It looks like the error comes from the dotnet/code-analysis action.

- name: Run .NET Code Analysis
  uses: dotnet/code-analysis@v1
  id: code-analysis
  with:
    solution: MySolution.sln
    build-breaking: true
    all-categories: all

Are you running both? Can you provide the message from Infer#?

rhysmeister commented 2 years ago

Hello,

Sorry my mistake. I've been changing the order of those tasks, as they were both failing, and I grabbed the wrong output. Here's the output below...

Run microsoft/infersharpaction@v1.2
  with:
    binary-path: /home/runner/work/The99PercentProject/The99PercentProject/Consensus\ Project\ Downloader/bin/Debug/netcoreapp3.1
  env:
    DOTNET_ROOT: /home/runner/.dotnet
/usr/bin/docker run --name e28490f71391c9e8274005b43d51b55226757a_d3ee64 --label e28490 --workdir /github/workspace --rm -e DOTNET_ROOT -e INPUT_BINARY-PATH -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/The99PercentProject/The99PercentProject":"/github/workspace" e28490:f71391c9e8274005b43d51b55226757a  "/home/runner/work/The99PercentProject/The99PercentProject/Consensus\ Project\ Downloader/bin/Debug/netcoreapp3.1"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100  1230  100  1230    0     0   8482      0 --:--:-- --:--:-- --:--:--  8482
run_infersharp_ci.sh <dll_folder_path> -- requires 1 argument (dll_folder_path)

Analysis Result
==================================================
cat: infer-out/report.txt: No such file or directory

I guess it's having trouble with the path given for some reason. I've escaped the spaces.

Rhys

xinshiMSFT commented 2 years ago

Hi, the script run_infersharp_ci.sh expects only one argument for the folder location of the .dll and .pdb files.

If your binaries are located in different folders, try copying them to one folder prior to the Infer# action, then point binary-path to it.

rhysmeister commented 2 years ago

Hello @xinshiMSFT

I am only passing one directory...

binary-path: /home/runner/work/The99PercentProject/The99PercentProject/Consensus\ Project\ Downloader/bin/Debug/netcoreapp3.1

Am I missing something?

Rhys

xinshiMSFT commented 2 years ago

Oh, I misread the escape part.

The action does not support path with spaces. I will check in the fixes.

xinshiMSFT commented 2 years ago

Should be fixed now. Single quote the binary-path value without the escape char.

rhysmeister commented 2 years ago

It run successfully now but there's an error with cp further down the process...

Run microsoft/infersharpaction@v1.2 /usr/bin/docker run --name e284906d83f1c1121942ca83542c25d9c32c07_d48310 --label e28490 --workdir /github/workspace --rm -e DOTNET_ROOT -e INPUT_BINARY-PATH -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/The99PercentProject/The99PercentProject":"/github/workspace" e28490:6d83f1c1121942ca83542c25d9c32c07 "/home/runner/work/The99PercentProject/The99PercentProject/Consensus Project Downloader/bin/Debug/netcoreapp3.1" % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed Processing {/home/runner/work/The99PercentProject/The99PercentProject/Consensus Project Downloader/bin/Debug/netcoreapp3.1} Copy binaries to a staging folder...

Coverage Statistics: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 Method successfully translated: 0 (-2147483648%) 100 1232 100 1232 0 0 10016 0 --:--:-- --:--:-- --:--:-- 9935 Method partially translated: 0 (-2147483648%) cp: cannot stat '/home/runner/work/The99PercentProject/The99PercentProject/Consensus Project Downloader/bin/Debug/netcoreapp3.1': No such file or directory Instructions translated: 0 (-2147483648%) Instructions skipped: 0 (-2147483648%)

Translation completed. Analyzing...

No issues found

Analysis Result

xinshiMSFT commented 2 years ago

Based on the log, it looks like that Consensus Project Downloader is at root and you wish to analyze it. Assuming you are compiling with default build settings targeting .NET Core 3.1, you can set binary-path as 'Consensus Project Downloader/bin/Debug/netcoreapp3.1'.

rhysmeister commented 2 years ago

OK. That seems perfect...

Processing {Consensus Project Downloader/bin/Debug/netcoreapp3.1} Copy binaries to a staging folder... 100 1232 100 1232 0 0 6844 0 --:--:-- --:--:-- --:--:-- 6844

Coverage Statistics:

Method successfully translated: 131 (85%) Method partially translated: 23 (15%) Instructions translated: 1446 (54%) Instructions skipped: 1211 (46%)

Translation completed. Analyzing...

No issues found

Analysis Result

Although I don't get why the full path didn't work - /home/runner/work/The99PercentProject/The99PercentProject/Consensus Project Downloader/bin/Debug/netcoreapp3.1

I actually started out with a relative path but change it to full when hacking about. Thanks for the quick support.

Rhys