
Fixes #464: Fix Codacy Security Scan workflow: Split SARIF runs to comply with GitHub limits

Open manab-pr opened this issue 2 months ago • 0 comments

Fixes #464. The Codacy Security Scan workflow was failing due to GitHub Code Scanning's SARIF upload requirements.

Solution

1. Created split-sarif.py script (.github/scripts/split-sarif.py)

  • Splits a multi-run SARIF file into individual files
  • One SARIF file per analyzer run
  • Intelligent naming: results-01-gosec.sarif, results-02-revive.sarif, etc.
  • Extracts tool names from SARIF metadata for clarity

2. Updated workflow (.github/workflows/codacy.yml)

  • Calls the split script after Codacy analysis
  • Dynamically uploads all SARIF files using a bash loop
  • Each file gets a unique category: codacy-results-01-gosec, codacy-results-02-revive, etc.
  • Uses GitHub API (gh api) for flexible uploads
  • Handles any number of runs (not hardcoded to specific count)

manab-pr avatar Oct 07 '25 06:10 manab-pr
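The splitting step described in the PR, written out as an added example; this is not the PR's own `split-sarif.py` nor any Codacy or GitHub code. It assumes a SARIF 2.1.0 log whose `runs` array holds one entry per analyzer, derives the file name from `tool.driver.name` in each run, and keeps the top-level `$schema`/`version` fields on every split file so each one is still a valid upload on its own. The sample SARIF document, the function names and the `codacy-` category prefix are constructed for the example.

```python
"""Split a multi-run SARIF 2.1.0 log into one single-run file per analyzer.

GitHub Code Scanning limits how many runs a single SARIF upload may carry, so
a multi-tool log is split so that every upload contains exactly one run and
is tagged with a unique category (example code, not the PR's script).
"""
import json
import re
from pathlib import Path

# Constructed sample: two analyzer runs in one SARIF document, as Codacy might emit.
SAMPLE_SARIF = {
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "version": "2.1.0",
    "runs": [
        {"tool": {"driver": {"name": "Gosec"}},
         "results": [{"ruleId": "G101", "message": {"text": "hardcoded credential"}}]},
        {"tool": {"driver": {"name": "Revive"}},
         "results": []},
    ],
}


def tool_slug(run: dict) -> str:
    """Return a filesystem-safe, lowercase name for the run's analyzer."""
    name = run.get("tool", {}).get("driver", {}).get("name", "")
    slug = re.sub(r"[^a-z0-9]+", "-", name.lower()).strip("-")
    return slug or "unknown"


def split_sarif(sarif: dict, prefix: str = "results") -> list[tuple[str, dict]]:
    """Return (filename, single_run_document) pairs, one per run.

    Every top-level key except `runs` (schema, version, ...) is copied into each
    output so the split files remain self-describing SARIF logs.
    """
    header = {k: v for k, v in sarif.items() if k != "runs"}
    outputs = []
    for index, run in enumerate(sarif.get("runs", []), start=1):
        single = dict(header)
        single["runs"] = [run]
        # Zero-padded index keeps files in analyzer order: results-01-gosec.sarif
        filename = f"{prefix}-{index:02d}-{tool_slug(run)}.sarif"
        outputs.append((filename, single))
    return outputs


def category_for(filename: str, namespace: str = "codacy") -> str:
    """Derive the unique Code Scanning category for one split file."""
    return f"{namespace}-{Path(filename).stem}"


def write_split_files(sarif: dict, out_dir: Path) -> list[Path]:
    """Write each single-run document under out_dir and return the paths written."""
    out_dir.mkdir(parents=True, exist_ok=True)
    written = []
    for filename, document in split_sarif(sarif):
        path = out_dir / filename
        path.write_text(json.dumps(document, indent=2))
        written.append(path)
    return written


if __name__ == "__main__":
    for filename, document in split_sarif(SAMPLE_SARIF):
        print(filename, "->", category_for(filename),
              f"({len(document['runs'][0]['results'])} results)")
```

A workflow would then loop over the written files and upload each one under its `category_for` value; because the category embeds the run index and tool name, re-running the workflow with a different number of analyzers does not collide with earlier uploads.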