Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Warning for unused workflow in PR #1623

Open
AnnAngela opened this issue Mar 29, 2023 · 8 comments
Open

Warning for unused workflow in PR #1623

AnnAngela opened this issue Mar 29, 2023 · 8 comments
Assignees
Labels
awaiting-response question Further information is requested

Comments

@AnnAngela
Copy link

I have a workflow Linter test only for manually dispatching. But codeql always reports this warning (example):

Warning: Code scanning cannot determine the alerts introduced by this pull request, because 1 configuration present on refs/heads/master was not found:
Actions workflow (Linter test.yml)
❓  .github/workflows/Linter test.yml:test
No new alerts

How can I remove this warning?

@aeisenberg
Copy link
Contributor

You need to run the workflow at least one time on the master branch in order for code scanning to get a baseline of alerts. Preferably, you should be running it on a schedule: daily or weekly. This is because we are continually improving our coverage and code scanning may discover more alerts over time.

@aeisenberg aeisenberg self-assigned this Mar 29, 2023
@aeisenberg aeisenberg added question Further information is requested awaiting-response labels Mar 29, 2023
@AnnAngela
Copy link
Author

You need to run the workflow at least one time on the master branch in order for code scanning to get a baseline of alerts. Preferably, you should be running it on a schedule: daily or weekly. This is because we are continually improving our coverage and code scanning may discover more alerts over time.

Thanks for you advice, I will run the workflow on every day.

@AnnAngela
Copy link
Author

AnnAngela commented Mar 31, 2023

@aeisenberg Sorry, but this warning happened again after I manually ran that workflow yesterday.

@AnnAngela AnnAngela reopened this Mar 31, 2023
@aeisenberg
Copy link
Contributor

The issue that you are having is that there are two workflows that are running the same analysis. The code scanning back end considers these two different categories and cannot create a baseline for that. You need to run the Linter test.yml workflow on the default branch in order to get the baseline.

You would be better off running code scanning in a separate workflow that runs for pull requests and and pushes to your default branch. Currently, you have it running in two separate and unrelated workflows. I would recommend that you start with the default code scanning workflow that you can create as a template and is also available in the codeql-action README and remove the other uses of the action.

Also, unrelated, but looks like this line is giving the extractor some trouble. I think that's valid javascript, so I'll mention it to our JS team to take a look.

	const {
		get = elem => elem.value,
		set = (elem, value) => {
			elem.value = value;
		},
	} = $.valHooks.textarea || {};

@AnnAngela
Copy link
Author

@aeisenberg Thx for you clear explanation, I will try to pin the category and watch the result in next PR.

@AnnAngela
Copy link
Author

After evaluation, I decided to split the reuse workflow anyway. Thx again.

@AnnAngela
Copy link
Author

@aeisenberg Sorry again, but after I added the CodeQL to the workflow directly, the warnings reappeared, this time I cannot figure out what happened: https://github.com/MoegirlPediaInterfaceAdmins/MoegirlPediaInterfaceCodes/pull/161/checks?check_run_id=12466581690

@aeisenberg
Copy link
Contributor

Currently, you are running code scanning twice. You can remove these lines. https://github.com/MoegirlPediaInterfaceAdmins/MoegirlPediaInterfaceCodes/blob/master/.github/workflows/Linter%20test.yml#L52-L58

I think that should work, but not entirely sure. Try it out and let me know

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
awaiting-response question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants