Skip to content

Recursive SARIF file detection from upload-sarif sarif_file parameter #220

New issue
New issue
Closed
Closed
Recursive SARIF file detection from upload-sarif sarif_file parameter#220
@tlsa

Description

@tlsa
tlsa
opened on Sep 18, 2020

I created a workflow that runs Clang scan-build with the -sarif parameter, to output SARIF format, and the -o build/sarif argument to put the output in the directory build/sarif.

When it is run, scan-build puts the actual SARIF files in a sub-directory of the specified output directory.

The output from scan-build is:

scan-build: Analysis run complete.
scan-build: Analysis results (sarif files) deposited in '/home/runner/work/libcyaml/libcyaml/build/sarif/2020-09-18-110804-4323-1'

And the sarif files are in the randomly named sub-directory:

$ find build/sarif
build/sarif
build/sarif/2020-09-18-110804-4323-1
build/sarif/2020-09-18-110804-4323-1/report-B4xj3N.sarif
build/sarif/2020-09-18-110804-4323-1/report-yK7dxl.sarif
build/sarif/2020-09-18-110804-4323-1/report-SrmlCl.sarif
build/sarif/2020-09-18-110804-4323-1/report-QPrVcF.sarif
build/sarif/2020-09-18-110804-4323-1/report-67tbyT.sarif
build/sarif/2020-09-18-110804-4323-1/report-OfHm5E.sarif
build/sarif/2020-09-18-110804-4323-1/report-T8GZn7.sarif
build/sarif/2020-09-18-110804-4323-1/report-NKjLYw.sarif
build/sarif/2020-09-18-110804-4323-1/report-z81jQ7.sarif
build/sarif/2020-09-18-110804-4323-1/report-bmXRUK.sarif
build/sarif/2020-09-18-110804-4323-1/report-6aH1dl.sarif
build/sarif/2020-09-18-110804-4323-1/report-iK7eHK.sarif
build/sarif/2020-09-18-110804-4323-1/report-vnqcCF.sarif
build/sarif/2020-09-18-110804-4323-1/report-aATCA3.sarif

You can see the CI run for this here: https://github.com/tlsa/libcyaml/runs/1133489433

At the moment, with

    - name: upload scan-build
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: build/sarif

I get the following error:

#[error]No SARIF files found to upload in "build/sarif".
Error: No SARIF files found to upload in "build/sarif".
    at Object.upload (/home/runner/work/_actions/github/codeql-action/v1/lib/upload-lib.js:114:19)
    at run (/home/runner/work/_actions/github/codeql-action/v1/lib/upload-sarif-action.js:29:46)

Could the sarif_file directory parameter be changed to a recursive search through the directory for SARIF files?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions