synopsys-sig / synopsys-action

Synopsys Action consuming Synopsys scanning tools
Apache License 2.0
24 stars 18 forks source link

synopsys-sig/synopsys-action not scanning scala code #229

Open sanararoj opened 5 months ago

sanararoj commented 5 months ago

We are using a bunch of git repositories with C#, Python and Scala languages.

As initial and simply approach we are using th synopsys-action like this

coverity:
    runs-on: orchestrator-runner
    if: github.repository == 'Test/repoTest'
    steps:
      - name: Check out repository code
        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2

      - name: Run Coverity Analysis
        uses: synopsys-sig/synopsys-action@10044b457c8e47c18f58be717953bd992411df97 # v1.5.0
        with:
          coverity_url: ${{ env.COVERITY_URL }}
          coverity_user: ${{ env.COVERITY_USER }}
          coverity_passphrase: ${{ env.COVERITY_PASSPHRASE }}
          coverity_project_name: ${{ github.event.repository.name }}
          coverity_stream_name: ${{ format('{0}-{1}', github.event.repository.name, ((github.event_name == 'push' && github.ref_name) || (github.event_name == 'pull_request' && github.base_ref))) }}
          coverity_local: true

image

image

As you can noticed in the pictures C# and Python files are detected and scanned, we can even see the security issues in the coverity portal

However, Scala files that are in the same GIT HUB workspace are not being picked by the coverity scan.

Is this action actually supporting the scanning of Scala files ?

Best regards

sanararoj commented 5 months ago

Additionally, I was reviewing all logs in git hub workflow execution for this action. I notice neither compiler scala or scala c is triggered, hopes this help with the troubleshooting image