Closed buckleyGI closed 2 years ago
Thanks for reporting this. We recently made an update on the GitHub Action side to enable SARIF. Here is the updated snippet for Azure DevOps:
- script: |
curl -o run_infersharp.sh https://raw.githubusercontent.com/microsoft/infersharpaction/v1.2.1/run_infersharp_ci.sh
chmod +x run_infersharp.sh
./run_infersharp.sh $(System.ArtifactsDirectory)
displayName: 'Run Infer# analysis'
- task: PublishBuildArtifacts@1
displayName: "Publish analysis logs"
inputs:
PathtoPublish: "$(Build.SourcesDirectory)/infer-out/report.sarif"
ArtifactName: "CodeAnalysisLogs"
publishLocation: "Container"
We will update the instructions on this repo. Thank you!
No, Thank you @xinshiMSFT !
I can confirm it works :)
Maybe going slightly off topic in this issue but it was part of the same update (1.2 / 1.2.1) and it also relates to Azure DevOps I tried to to enable only 1 leak detection (--enable-dotnet-resource-leak)
- script: |
curl -o run_infersharp.sh https://raw.githubusercontent.com/microsoft/infersharpaction/v1.2.1/run_infersharp_ci.sh
chmod +x run_infersharp.sh
./run_infersharp.sh inferDir/$(project) --enable-dotnet-resource-leak
displayName: 'Infer# Analysis of $(project)'
And got the error
run_infersharp_ci.sh <dll_folder_path> -- requires 1 argument (dll_folder_path)
It's not stopping us from using Infer# so low prio. It is an optimization however as we are mostly interested in this leak type and want to reduce the analysis time.
Thank you again.
FY, I kept the image at 1.2 (I see a v1.2.1 in this thread):
pool:
vmImage: 'ubuntu-20.04'
container:
image: mcr.microsoft.com/infersharp:v1.2
Hi,
I read the commit that introduced sarif support but didn't got any wiser on how to surface it in Azure DevOps with the extension that MS provides
Building further upon the existing txt output I thought this might work
But I get the following error `
[error]Publishing build artifacts failed with an error: Not found PathtoPublish: /__w/1/s/infer-out
` BTW I don't mind to do some plumbing but it would be heplful for the developers over at Azure DevOps if there was an extension like there is now for GitHub Actions