Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(codeqlExecuteScan): added waiting for the SARIF file upload #4409

Merged
merged 14 commits into from
Jun 20, 2023
Merged

fix(codeqlExecuteScan): added waiting for the SARIF file upload #4409

merged 14 commits into from
Jun 20, 2023
+244 −22

Conversation

daskuznetsova
Copy link
Contributor

Changes

Added waiting for the SARIF to upload before calling code-scanning APIs.
After scanning, the SARIF file is created, which must be uploaded to github. The codeql github upload-results command returns the URL of the SARIF file. This URL checks the status of the upload.

  • Tests
  • Documentation

@daskuznetsova daskuznetsova requested a review from a team as a code owner June 15, 2023 16:55
vlkl-sap
vlkl-sap requested changes Jun 16, 2023
View reviewed changes
Copy link

@vlkl-sap vlkl-sap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

raised a few points concerning the implementation.

thanks!

cmd/codeqlExecuteScan.go Outdated Show resolved Hide resolved
cmd/codeqlExecuteScan.go Outdated Show resolved Hide resolved
cmd/codeqlExecuteScan.go Outdated Show resolved Hide resolved
vlkl-sap
vlkl-sap requested changes Jun 19, 2023
View reviewed changes
cmd/codeqlExecuteScan.go Outdated Show resolved Hide resolved
resources/metadata/codeqlExecuteScan.yaml Outdated
@@ -104,6 +104,22 @@ spec:
- STAGES
- STEPS
default: false
- name: sarifCheckMaxRetries
type: int
description: "Sets max retries for check SARIF file is uploaded when server doesn't response."
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I propose: "Maximum number of retries when waiting for the server to finish processing the SARIF upload. Only relevant, if checkForCompliance is enabled."

resources/metadata/codeqlExecuteScan.yaml Outdated Show resolved Hide resolved
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@sumeetpatil
Copy link
Member

/it

vlkl-sap
vlkl-sap approved these changes Jun 20, 2023
View reviewed changes
Copy link

@vlkl-sap vlkl-sap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK to merge for me now. Thanks!

@daskuznetsova daskuznetsova merged commit 6eb4c2e into SAP:master Jun 20, 2023
@daskuznetsova daskuznetsova deleted the codeql-sarif-upload branch June 20, 2023 12:50
maxatsap pushed a commit to maxatsap/jenkins-library that referenced this pull request Jul 23, 2024
@daskuznetsova @maxatsap
fix(codeqlExecuteScan): added waiting for the SARIF file upload (SAP#…
9c3bbf5 
…4409)

* added waiting for the sarif file uploaded & tests

* increased polling time, added timeout for waiting response from server & tests

* fixed handling error while waiting sarif uploaded

* added params for checking sarif uploaded & refactor

* added test logs

* fixed logs and test

* added returning missed error

* changed params descriptions and server response error processing processing

* fixed retrying logic

* increased polling timeout params & refactored
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vlkl-sap vlkl-sap vlkl-sap approved these changes

@sumeetpatil sumeetpatil sumeetpatil approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@daskuznetsova @sumeetpatil @vlkl-sap