[Example Workflow]

Feat/opg scanning poc #33

Sign in to view logs

Triggered via pull request November 12, 2024 14:40

j1mb0b

synchronize #6

feat/opg-scanning-poc

Status Failure

Total duration 2m 59s

Artifacts –

_example_workflow.yml

on: pull_request

Generate a safe branch name / Config

Matrix: Run CodeQL against the code base / Run CodeQL against application code

Run CodeQL against the code base / Config

Generate a safe branch name / Use github data to generate a clean branch name

Generate the workspace name / Generate the terraform workspace name to use

Generate a safe branch name / Results

Generate the workspace name / Results

Get terraform version / Config

Get terraform version / Find [./versions.tf], parse out the required_version data.

Get terraform version / Results

Run terraform linting / terraform_lint

Run TFSec against the code base / TFSec static analysis

Generate the semver tag value / Config

Generate the semver tag value / Create tags

Generate the semver tag value / Results

Matrix: Docker build, trivy scan, ECR push

terraform_account_build / Workflow Config

terraform_account_build / [Build - Infrastructure] Terraform Plan And Apply

End of workflow

Annotations

2 errors and 6 warnings

Docker build, trivy scan, ECR push (./service-app, helloworld, go test ./...)

Path does not exist: trivy-results.sarif

Docker build, trivy scan, ECR push (./service-app, helloworld, go test ./...)

Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers

Run TFSec against the code base / TFSec static analysis

The following actions use a deprecated Node.js version and will be forced to run on node20: github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Run TFSec against the code base / TFSec static analysis

CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/

Run CodeQL against the code base / Run CodeQL against application code (go)

The following actions use a deprecated Node.js version and will be forced to run on node20: github/codeql-action/init@v2, github/codeql-action/autobuild@v2, github/codeql-action/analyze@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Run CodeQL against the code base / Run CodeQL against application code (go)

CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/

Docker build, trivy scan, ECR push (./service-app, helloworld, go test ./...)

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Docker build, trivy scan, ECR push (./service-app, helloworld, go test ./...)

CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/