github/codeql-action/analyze should offer an output for the sarif path
There's an input for the output:
codeql-action/analyze/action.yml, line 4 in 57a11be:

```yaml
inputs:
```

codeql-action/analyze/action.yml, lines 8 to 11 in 57a11be:

```yaml
  output:
    description: The path of the directory in which to save the SARIF results
    required: false
    default: "../results"
```

But there is no output for the sarif file path:
codeql-action/analyze/action.yml, lines 79 to 83 in 57a11be:

```yaml
outputs:
  db-locations:
    description: A map from language to absolute path for each database created by CodeQL.
  sarif-id:
    description: The ID of the uploaded SARIF file.
```

The output file defaults to ../results which isn't accepted by actions/upload-artifact:
https://github.com/jsoref/pdns/actions/runs/5657547911/job/15326842548#step:12:4
https://github.com/jsoref/pdns/actions/runs/5657547911/job/15326842548#step:12:48

```
Run actions/upload-artifact@v3
  with:
    name: sarif
    path: ../results
    if-no-files-found: warn
...
Error: Invalid pattern '../results'. Relative pathing '.' and '..' is not allowed.
```
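
Until such an output exists, the `output` input quoted above can point the SARIF directory at a location inside the workspace, which `actions/upload-artifact` accepts. This is an added example, not part of the original issue or the project's own workflow: the directory name `sarif-results`, the `@v2`/`@v3` action tags other than `upload-artifact@v3`, and the trigger and job names are assumptions.

```yaml
# Constructed workflow: keeps the SARIF directory inside the workspace
# so the upload step does not need a '..' path.
name: codeql
on: [push]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # needed for the SARIF upload to code scanning
    steps:
      - uses: actions/checkout@v3

      - uses: github/codeql-action/init@v2
      # Build steps for compiled languages would go here (assumed, not shown).

      - uses: github/codeql-action/analyze@v2
        with:
          # Default is "../results", which resolves outside the workspace.
          # "sarif-results" is an assumed name, relative to the workspace.
          output: sarif-results

      - uses: actions/upload-artifact@v3
        with:
          name: sarif
          # Same directory as the analyze step's `output`; no '.' or '..' segments.
          path: sarif-results
          if-no-files-found: warn
```

The two `sarif-results` values have to be kept in sync by hand, which is the duplication an action output for the SARIF path would remove.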