codeql-action
CodeQL won't run locally using `act`
I get an HttpError when I run CodeQL locally using `act`. I opened an issue on `act` and was pointed to this PR: https://github.com/github/codeql-action/pull/117 but adding the environment variable to the .env or to the workflow file isn't working for me; I still get the HttpError.
Output:
```
:error::init action failed: HttpError: Not Found
| RequestError [HttpError]: Not Found
| at /run/act/actions/github-codeql-action-init@v1/node_modules/@octokit/request/dist-node/index.js:66:23
| at processTicksAndRejections (internal/process/task_queues.js:95:5)
| at async Job.doExecute (/run/act/actions/github-codeql-action-init@v1/node_modules/bottleneck/light.js:405:18) {
| status: 404,
| headers: {
| 'access-control-allow-origin': '*',
| 'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
| connection: 'close',
| 'content-encoding': 'gzip',
| 'content-security-policy': "default-src 'none'",
| 'content-type': 'application/json; charset=utf-8',
| date: 'Mon, 07 Mar 2022 23:14:30 GMT',
| 'github-authentication-token-expiration': '2022-03-27 20:43:49 UTC',
| 'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
| server: 'GitHub.com',
| 'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
| 'transfer-encoding': 'chunked',
| vary: 'Accept-Encoding, Accept, X-Requested-With',
| 'x-accepted-oauth-scopes': '',
| 'x-content-type-options': 'nosniff',
| 'x-frame-options': 'deny',
| 'x-github-media-type': 'github.v3; format=json',
| 'x-github-request-id': 'C887:1551:D68506:1958891:622691D5',
| 'x-oauth-scopes': 'admin:org, repo',
| 'x-ratelimit-limit': '5000',
| 'x-ratelimit-remaining': '4810',
| 'x-ratelimit-reset': '1646695312',
| 'x-ratelimit-resource': 'core',
| 'x-ratelimit-used': '190',
| 'x-xss-protection': '0'
| },
| request: {
| method: 'GET',
| url: 'https://api.github.com/repos/pieforproviders/pieforproviders/actions/runs/1',
| headers: {
| accept: 'application/vnd.github.v3+json',
| 'user-agent': 'CodeQL-Action/1.1.3 octokit-core.js/3.1.2 Node.js/14.19.0 (linux; x64)',
| authorization: 'token [REDACTED]'
| },
| request: { agent: [Agent], hook: [Function: bound bound register] }
| },
| documentation_url: 'https://docs.github.com/rest/reference/actions#get-a-workflow-run'
| }
```
command:
```
act --defaultbranch develop -s GITHUB_TOKEN=[token] --verbose
```
workflow file:
```yaml
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"

on:
  push:
    branches: [ develop ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ develop ]
  schedule:
    - cron: '34 19 * * 0'

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript', 'ruby' ]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support

    steps:
    - name: Checkout repository
      uses: actions/checkout@v3

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v1
      env:
        CODEQL_LOCAL_RUN: true
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
        # By default, queries listed here will override any specified in a config file.
        # Prefix the list here with "+" to use these queries and those in the config file.
        # queries: ./path/to/local/query, your-org/your-repo/queries@main

    # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
      uses: github/codeql-action/autobuild@v1

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl

    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
    #    and modify them (or add more) to build your code if your project
    #    uses a compiled language

    #- run: |
    #   make bootstrap
    #   make release

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v1
```
Unfortunately, the PR you linked to had to be reverted since it was too hard to maintain. The codeql-action will not work as a local action through `act`. The failure is because the workflow is making a request to determine what its `run_id` is and since this is being run through `act`, there is no workflow run.
@katelovescode Try this:
```
act -s GITHUB_TOKEN=PAT_HERE --env GITHUB_RUN_ID=13371337
```
Except replace GITHUB_RUN_ID with a recent run ID, and insert a personal access token.
You'll run into this though:
```
::error::Not authorized to use the CodeQL code scanning feature on this repo.
```
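
Since the thread concludes that the CodeQL steps cannot complete under `act`, one way to keep a workflow runnable locally is to skip those steps there and leave them active on GitHub. This is an added example, not part of the thread or of the codeql-action project; it assumes `act`'s documented behaviour of setting the `ACT` environment variable inside the runner, and the final notice step is a constructed placeholder.

```yaml
name: "CodeQL"

on:
  push:
    branches: [ develop ]
  pull_request:
    branches: [ develop ]

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript', 'ruby' ]
    steps:
    - name: Checkout repository
      uses: actions/checkout@v3

    # ACT is set by act and unset on GitHub-hosted runs, so the three
    # CodeQL steps below run on GitHub and are skipped locally.
    - name: Initialize CodeQL
      if: ${{ !env.ACT }}
      uses: github/codeql-action/init@v1
      with:
        languages: ${{ matrix.language }}

    - name: Autobuild
      if: ${{ !env.ACT }}
      uses: github/codeql-action/autobuild@v1

    - name: Perform CodeQL Analysis
      if: ${{ !env.ACT }}
      uses: github/codeql-action/analyze@v1

    # Constructed placeholder: makes the skip visible in local output.
    - name: Local-only notice
      if: ${{ env.ACT }}
      run: echo "CodeQL steps skipped (no workflow run exists under act)"
```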