CI: move CodeQL tests to default.yaml #1971
Conversation
Github CodeQL is complaining that it can't find the configuration for the codeql tests. There is no documented reason for this, but there is also no documented way to change this setting. Move CodeQL workflows back to default.yaml to make Github happy again
There was a problem hiding this comment.
Thank you for attacking this old problem!
Error: Code Scanning could not process the submitted SARIF file:
CodeQL analyses from advanced configurations cannot be processed when the default setup is enabled
Even if the odd naming requirement does exist, the fact that this PR does not fix CodeQL tests suggests that there may be more to this story than that odd naming requirement.
If you have not tried that already, and there is no known reason to fear some kind of serious information/configuration loss, then I suggest completely disabling CodeQL and then re-enabling it from scratch in hope that GitHub will find current/official workflows and does the right thing... This is a very weak recommendation -- CodeQL is not my area of expertise.
Please ping me when the tests are fixed.
Note to self: We appear to be using "default setup" for CodeQL. Some related configuration details are at https://github.com/squid-cache/squid/settings/code-scanning/default-setup
| # CodeQL tests apparently have to be deefined in a file | ||
| # named default.yaml - this is not well documented |
There was a problem hiding this comment.
Can you point me to any documentation that states this odd requirement? If not, I suggest:
| # CodeQL tests apparently have to be deefined in a file | |
| # named default.yaml - this is not well documented | |
| # Apparently, CodeQL tests must be defined in a file named default.yaml. | |
| # We cannot find where that requirement is documented, but these tests | |
| # fail with "configurations not found" errors if defined in quick.yaml. |
The above suggestion also fixes a misspelling.
rousskov
added
the
S-waiting-for-author
|
I think I found why: it's a very well hidden settings page at https://github.com/squid-cache/squid/security/code-scanning/tools/CodeQL/status |
Glad you are making progress! FWIW, I do not see any settings at the above status page. |
|
I've just disabled it. CodeQL seems to create a "shadow" workflow which
can't really be managed in any handy way.
…On Sun, Dec 29, 2024 at 8:01 PM Alex Rousskov ***@***.***> wrote:
I think I found why: it's a very well hidden settings page at
https://github.com/squid-cache/squid/security/code-scanning/tools/CodeQL/status
Glad you are making progress! FWIW, I do not see any settings at the above
status page.
—
Reply to this email directly, view it on GitHub
<#1971 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABHPVDBO4RXLV3RPO26SUOT2IBBHLAVCNFSM6AAAAABUKEGIKWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKNRUHAYTGNRRGM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Francesco
|
|
The stuck PRs seem to be dequeueing, including CodeQL checks which we perform but not enforce. |
squid-anubis
added
the
M-failed-other
Github CodeQL is complaining that it can't find
the configuration for the tests
There is no documented reason for this, but there
is also no documented way to change this setting
Move CodeQL workflows back to default.yaml to
make Github happy again