Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CodeQL scans for golang #2643

Merged
merged 8 commits into from
Feb 21, 2024
Merged

Fix CodeQL scans for golang #2643

merged 8 commits into from
Feb 21, 2024

Conversation

geigerj0
Copy link
Contributor

@geigerj0 geigerj0 commented Feb 20, 2024
edited
Loading

Problem

The CodeQL scans stopped working after the go version was bumped from 1.20 to 1.21: 9a9d98c#diff-751af1a340658c7b8176fe32d7db9fadbe15d1d075daba1919a91df04155bc70R9. Note that for this commit, the CodeQL scans were still working because the Docker image being used during the scan was still on 1.20. Following commits started to have failing CodeQL scans for Go: https://github.com/cloudfoundry/app-autoscaler-release/commits/main/?since=2024-01-08&until=2024-01-08.

The root cause why the scans stopped working with go 1.21 in combination with our own autoscaler-tools Docker image is the following:

Solution

Install file for our autoscaler-release-tools Docker image so that the CodeQL workaround for go 1.21 actually works.

Tests if solution works

Why are scans not working for latest commit of this PR?

Because the CI pipeline is still using a Docker image that doesn't come with file. After this PR has been merged, a new Docker image will be build. This causes subsequent CodeQL scans to work again.

@geigerj0 geigerj0 changed the title WIP Fix CodeQL scans Feb 20, 2024
@geigerj0 geigerj0 changed the title Fix CodeQL scans Fix CodeQL scans for golang Feb 20, 2024
@geigerj0 geigerj0 added allow-acceptance-tests This label needs to be added to enable the acceptance tests to run. exclude-from-changelog labels Feb 21, 2024
silvestre
silvestre approved these changes Feb 21, 2024
View reviewed changes
Copy link
Member

@silvestre silvestre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow. nice sleuthing!

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Feb 21, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@geigerj0 geigerj0 merged commit a4b8ff0 into main Feb 21, 2024
31 of 32 checks passed
@geigerj0 geigerj0 deleted the fixcodeql branch February 21, 2024 11:25
@geigerj0
Copy link
Contributor Author

The scans are back after merging this to main 🚀: https://github.com/cloudfoundry/app-autoscaler-release/actions/runs/7988268158/job/21812725945

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@silvestre silvestre silvestre approved these changes

Assignees
No one assigned
Labels
allow-acceptance-tests This label needs to be added to enable the acceptance tests to run. exclude-from-changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@geigerj0 @silvestre