Skip to content

Validate the codeql-action workspace for common errors #319

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 19 commits into from
Nov 26, 2020
Merged

Validate the codeql-action workspace for common errors #319

merged 19 commits into from
Nov 26, 2020

Conversation

simon-engledew
Copy link

@simon-engledew simon-engledew commented Nov 23, 2020
edited
Loading

This PR will automatically debug common issues with CodeQL workspaces:

  • run: git checkout HEAD^2
  • push with paths (the baseline wont update for every commit and we will end up with missing baselines)
  • no pull_request hook (this will stop working when we phase out guessing about intent via feature branches)
  • no push hook (we can't generate a baseline)
  • pull_request on branches that are not in push (you can open a PR against a branch with no baseline)

Todo:

  • Validate the current workflow looking for common CodeQL gotchas
  • Find a way to feed back the messages to the user
  • Test with a range of broken workflows

In an ideal world, I would love if I could get the actions scheduler to pass in the current workflow file as GITHUB_WORKFLOW_FILE. This would make introspection easier, running the action locally easier and save two API requests

I explored this idea and opened a feature request here: actions/runner#825

@simon-engledew
Copy link
Author

This gives you output like:

image

@simon-engledew simon-engledew marked this pull request as ready for review November 24, 2020 17:21
@krukow
Copy link

krukow commented Nov 25, 2020

Definitely a win :)

rneatherway
rneatherway reviewed Nov 25, 2020
View reviewed changes
robertbrignull
robertbrignull reviewed Nov 26, 2020
View reviewed changes
Copy link
Contributor

@robertbrignull robertbrignull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments but generally looks good and pretty clean and effective for notifying people of changes to how the workflow should look.

robertbrignull
robertbrignull approved these changes Nov 26, 2020
View reviewed changes
Copy link
Contributor

@robertbrignull robertbrignull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is fine now and all LGTM

@simon-engledew simon-engledew merged commit 8d18e34 into main Nov 26, 2020
@simon-engledew simon-engledew deleted the simon-engledew/lint-workspace branch November 26, 2020 16:36
@github-actions github-actions bot mentioned this pull request Nov 30, 2020
Merged
@github-actions github-actions bot mentioned this pull request Dec 7, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rneatherway rneatherway rneatherway approved these changes

@robertbrignull robertbrignull robertbrignull approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@simon-engledew @krukow @rneatherway @robertbrignull