Unable to validate code scanning workflow: error: getWorkflow() failed #18279

Open
parsley72 opened this issue Dec 12, 2024 · 6 comments
Labels
question Further information is requested

Comments

@parsley72

When I run my build it includes this step:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
  uses: github/codeql-action/init@v3
  with:
    languages: ${{ matrix.language }}
    source-root: source/my-app
    queries: security-extended

I'm getting this warning:

Initialize CodeQL
Unable to validate code scanning workflow: error: getWorkflow() failed: Error: Expected to find a code scanning workflow file at /home/runner/work/My-Repo-Name/My-Repo-Name/.github/workflows/ci-build.yml, but no such file existed. This can happen if the currently running workflow checks out a branch that doesn't contain the corresponding workflow file.

But the repo isn't being checked out to the root of the directory, as explained in source-root. Is there any way of telling CodeQL to look in the subdirectory to find the workflow?

@parsley72 parsley72 added the question Further information is requested label Dec 12, 2024
@rvermeulen
Contributor

Hi @parsley72,

Thanks for your question. The init action tries to validate the workflow that is calling the init action.

This workflow should be available if you perform an actions/checkout step before the github/codeql-action/init step.

The source-root property is to inform CodeQL that the root of the source is not the root of the repository. This can be the case if you have multiple projects in a repository.

To provide some further guidance we need to see the full workflow to better understand your use case.

@parsley72
Author

For reasons the actions/checkout step looks something like:

- name: Checkout repository
  uses: actions/checkout@v4
  with:
    path: source/my-app

so the root of the repo is in that directory.

@rvermeulen
Contributor

rvermeulen commented Dec 13, 2024

Thanks, that clarifies. It seems we don't take that into consideration https://github.com/github/codeql-action/blob/dd7559424621a6dd0b32ababe9e4b271a87f78d2/src/workflow.ts#L261

I will file an issue and determine how we can resolve that.
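
The path mismatch discussed above, as an added example that is not part of the thread or of codeql-action's own code: a shell check that reports whether the workflow file sits at the workspace root, where the warning expected it, or only under the checkout path. The temporary workspace is constructed to mirror the layout in the thread, and the helper names `find_workflow` and `make_demo_workspace` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): compare where the warning expected the
# workflow file with where a checkout using `path:` actually placed it.

# find_workflow WORKSPACE CHECKOUT_PATH WORKFLOW_REL
# Prints one of:
#   root:<file>    file exists at the workspace root (the location in the warning)
#   subdir:<file>  file exists only under the checkout path
#   missing        file exists in neither location
find_workflow() {
  workspace=$1
  checkout_path=$2
  rel=$3
  expected="$workspace/$rel"
  actual="$workspace/$checkout_path/$rel"
  if [ -f "$expected" ]; then
    echo "root:$expected"
  elif [ -n "$checkout_path" ] && [ -f "$actual" ]; then
    echo "subdir:$actual"
  else
    echo "missing"
  fi
}

# Constructed workspace: the repository is checked out into source/my-app,
# so .github/workflows lives below that directory, not at the workspace root.
make_demo_workspace() {
  ws=$(mktemp -d)
  mkdir -p "$ws/source/my-app/.github/workflows"
  printf 'name: ci-build\n' > "$ws/source/my-app/.github/workflows/ci-build.yml"
  echo "$ws"
}

demo_ws=$(make_demo_workspace)
result=$(find_workflow "$demo_ws" "source/my-app" ".github/workflows/ci-build.yml")
case $result in
  root:*)   echo "workflow file found at the workspace root" ;;
  subdir:*) echo "workflow file found only under the checkout path: ${result#subdir:}" ;;
  *)        echo "workflow file not found in either location" ;;
esac
rm -rf "$demo_ws"
```

On a runner, the same function can be called as `find_workflow "$GITHUB_WORKSPACE" source/my-app .github/workflows/ci-build.yml` in a step placed before the init step.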

@rvermeulen
Contributor

Hi @parsley72,

If possible to share, we would like to understand the reasons/use-case for checking out the repository in the non-default path source/my-app.

@parsley72
Author

It's a Yocto build. We check out the Yocto build then check out the application source code into the source directory to build it.

@rvermeulen
Contributor

Thanks for sharing!

Your issue has been reported to the team who will triage and determine how to address it.
