1

Any pointer why my codeql analysis is failing ? I am not getting any indication in log. Once Analysis ends, it also deletes all files from _work/_temp thus I am unable to see what's happening.

Here is my yml to start the code ql analysis

name: "CodeQL CI Workflow"

env:
  CATALINA_HOME: "/apps/tomcat/apache-tomcat-9.0.44"
  JAVA_HOME: "/apps/jdk1.8.0_231"

on:
  push:
    branches:
      - master
      - support/*
  pull_request:
    branches:
      - master
      - support/*

jobs:
  code_ql_scan:
    runs-on: [ rhelcicd ]
    environment: dev
    strategy:
      fail-fast: false
      matrix:
        language: [ 'java' ]
    steps:
      - run: env
      - uses: actions/checkout@v2
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v1
        with:
          debug: true
          languages: ${{ matrix.language }}
          config-file: ./.github/codeql/codeql-config.yml
      - name: Building application using ant
        run: ant -f build.xml -Dfile.encoding=ISO-8859-1 -Ddir.javadevlib=./javadevlib -Ddir.deploy=./built_artifact -Dapp.name=my-webapp
      # Perform the CodeQL Analysis on compiled code by Ant 
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v1
        with:
          debug: true
      - name: Cleanup
        if: ${{ always() }}
        run: docker ps -q | xargs -n 1 -P 8 -I {} docker stop {}
      - run : pwd
      - run : ls

Here is my query config file ( ./.github/codeql/codeql-config.yml )

name: "CodeQL config"
queries:
  - uses: security-and-quality
  - uses: security-extended
paths-ignore:
  - .idea
  - .m2
  - conf
  - etc
  - public_html
  - ssccloud
  - xmlfiles
  - lib
  - javadevlib

Here is the log

...................................... lots of other CWE processing logs ...........................................................

2022-02-04T20:51:05.1870388Z [27/178] Found in cache: /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-502/UnsafeDeserialization.ql.
2022-02-04T20:51:05.1871797Z Compiling query plan for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-611/XXE.ql.
2022-02-04T20:51:05.1873100Z Resolving imports for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-611/XXE.ql.
2022-02-04T20:51:05.1874485Z Compiling query plan for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-614/InsecureCookie.ql.
2022-02-04T20:51:05.1876013Z Resolving imports for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-614/InsecureCookie.ql.
2022-02-04T20:51:05.1877647Z Compilation cache hit for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-614/InsecureCookie.ql.
2022-02-04T20:51:05.1879200Z [28/178] Found in cache: /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-614/InsecureCookie.ql.
2022-02-04T20:51:05.1880653Z Compiling query plan for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-643/XPathInjection.ql.
2022-02-04T20:51:05.1882101Z Resolving imports for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-643/XPathInjection.ql.
2022-02-04T20:51:05.1883909Z Compilation cache hit for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-611/XXE.ql.
2022-02-04T20:51:05.1885185Z [29/178] Found in cache: /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-611/XXE.ql.
2022-02-04T20:51:05.1886658Z Compiling query plan for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-java/Security/CWE/CWE-681/NumericCastTainted.ql.
2022-02-04T20:51:05.1887950Z Resolving imports for /home/actions/actions-runner/_work/_tool/CodeQL/0.0.0-20211005/x64/codeql/qlpacks/codeql-j
2022-02-04T20:51:05.1889117Z     at runQueries (/home/actions/actions-runner/_work/_actions/github/codeql-action/v1/lib/analyze.js:193:19)
2022-02-04T20:51:05.1890035Z     at processTicksAndRejections (internal/process/task_queues.js:93:5) {
2022-02-04T20:51:05.1890832Z   name: 'CodeQLAnalysisError',
2022-02-04T20:51:05.1891564Z   queriesStatusReport: { analyze_failure_language: 'java' }
2022-02-04T20:51:05.1892054Z }
2022-02-04T20:51:05.3776434Z Post job cleanup.
2022-02-04T20:51:05.8506780Z Cleaning up orphan processes
Bakul Brahmbhatt
  • 61
  • 6
  • Maybe try enabling debug logging as mentioned [here](https://github.com/github/codeql-action/issues/430#issuecomment-804450261), or report the issue on the codeql-action repository. – Marcono1234 Mar 05 '22 at 16:54

0 Answers0