Invalid SARIF file created when there are no results #1836

Closed
pdil opened this issue Dec 11, 2022 · 3 comments · Fixed by #1837

@pdil
Contributor
pdil commented Dec 11, 2022

Issue

sarif_output creates an invalid file when there are no lintr results (i.e. all linting checks passed). This causes workflows that upload the file to GitHub to populate the Code scanning section of the Security tab to fail.

Example

See this GitHub Actions run file for an example of the error (under Upload analysis results to GitHub):

Run github/codeql-action/upload-sarif@v2
  with:
    sarif_file: lintr-results.sarif
    wait-for-processing: true
    checkout_path: /home/runner/work/usmap/usmap
    token: ***
    matrix: null
  env:
    R_LIBS_USER: /home/runner/work/_temp/Library
    TZ: UTC
    _R_CHECK_SYSTEM_CLOCK_: FALSE
    NOT_CRAN: true
Uploading results
  Processing sarif files: ["lintr-results.sarif"]
  Error: Invalid SARIF. Missing 'results' array in run.
  Error: Error: Invalid SARIF. Missing 'results' array in run.
      at countResultsInSarif (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:166:19)
      at uploadFiles (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:256:30)
      at async Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:132:12)
      at async run (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:46:30)
      at async runWrapper (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:68:9)

The SARIF file for my project comes back as follows:

sarif_output(lint_package())
{
  "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
  "version": "2.1.0",
  "runs": [
    {
      "tool": {
        "driver": {
          "name": "lintr",
          "informationUri": "https://lintr.r-lib.org/",
          "version": "3.0.2"
        }
      },
      "columnKind": "utf16CodeUnits",
      "originalUriBaseIds": {
        "ROOTPATH": {
          "uri": "<file path>"
        }
      }
    }
  ]
}

Notice there is no results array inside runs.

Proposed solution

Include the results array inside each run in the SARIF file even if there are no issues returned by lintr. I believe it should work if it's an empty array in that case (i.e. "results": []).

Further reference

@MichaelChirico MichaelChirico added the help wanted ❤️ we'd love your help! label Dec 11, 2022
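
A pre-upload check for the condition reported in this issue, as an added example that is not part of the thread and is not code from lintr or codeql-action: it lists every run that lacks a `results` array and produces the empty-array shape proposed in the issue. The function names and the sample document are constructed for illustration.

```javascript
// Pre-upload check for the failure reported in this issue (added example).
// Function names and the sample document are constructed for illustration.

// Return one problem string per run that an uploader expecting a
// `results` array in every run would reject.
function findRunsWithoutResults(sarif) {
  if (sarif === null || typeof sarif !== "object" || !Array.isArray(sarif.runs)) {
    return ["document has no 'runs' array"];
  }
  const problems = [];
  sarif.runs.forEach((run, i) => {
    const tool = run?.tool?.driver?.name ?? "unknown tool";
    if (run === null || typeof run !== "object") {
      problems.push(`runs[${i}]: not an object`);
    } else if (!("results" in run)) {
      problems.push(`runs[${i}] (${tool}): missing 'results' array`);
    } else if (!Array.isArray(run.results)) {
      problems.push(`runs[${i}] (${tool}): 'results' is not an array`);
    }
  });
  return problems;
}

// Return a deep copy in which runs that lack `results` get an empty array,
// the shape proposed in the issue for a clean lint run. A `results` value
// of the wrong type is left alone so that it still fails the check above.
function withEmptyResults(sarif) {
  const copy = JSON.parse(JSON.stringify(sarif));
  for (const run of Array.isArray(copy?.runs) ? copy.runs : []) {
    if (run !== null && typeof run === "object" && !("results" in run)) {
      run.results = [];
    }
  }
  return copy;
}

// Constructed sample with the same shape as the file quoted in the issue.
const cleanLintOutput = {
  version: "2.1.0",
  runs: [
    {
      tool: { driver: { name: "lintr", version: "3.0.2" } },
      columnKind: "utf16CodeUnits",
    },
  ],
};

console.log(findRunsWithoutResults(cleanLintOutput));
console.log(findRunsWithoutResults(withEmptyResults(cleanLintOutput)));
```

Patching the file in CI is only a stopgap for a linter that is known to have completed; an empty array added to the output of a crashed run would report a clean scan that never happened.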
@MichaelChirico
Collaborator

Thanks for the report! Unfortunately I think none of the maintainers are particularly adept with SARIF, so a PR would be welcome! cc original PR author @shaopeng-gh

Happy to help any PR authors who get stuck.

@pdil
Contributor Author
pdil commented Dec 11, 2022

Thanks @MichaelChirico, just opened a PR.

@shaopeng-gh
Contributor

@pdil Thanks for reporting and fixing the issue! Both your description of the issue and the fix look good to me.
