What happened?
Hi Team, can someone help me if they have faced a similar issue with this action before?
Steps-
- Used the basic policy as an example from https://github.com/advanced-security/policy-as-code/blob/main/examples/policies/basic.yml but changed Dependabot alerts to critical level
- Used the action as shown below
```yaml
- name: Run GHAS Policy Check
  id: policy-check
  uses: advanced-security/policy-as-code@2.11.1
  with:
    severity: ${{ inputs.severity }}
    repository: ${{ github.repository }}
    policy-path: /tmp/policy-repo/github-policies/${{ inputs.policy-name }}.yaml
    token: ${{ steps.github-app-token.outputs.token }}
    action: ${{ inputs.action-on-failure }}
    argvs: " --display --disable-secret-scanning"
```
- The GitHub App has all required permissions. I am executing the above action on the main branch, which has 4 critical Dependabot alerts that I want to be shown in the state report.
Expected result- 5-6 critical alerts should be found by the action and reported in the status report at the end of the action execution
Actual result-
I am not getting the report summary but am getting the exceptions below. Can someone help guide me on this?
```
GitHub Instance :: https://github.com/
GitHub Reference (branch/pr) :: refs/heads/main
Policy as Code
Code Scanning Results
Dependabot Results
Error: Unknown Exception was hit, please report this to https://github.com/advanced-security/policy-as-code
Error: Bad Request (status code: 400)
ERROR:root:Unknown Exception was hit, please report this to https://github.com/advanced-security/policy-as-code
ERROR:root:Bad Request (status code: 400)
INFO:root:Total Dependency Graph :: 3867
INFO:root:Dependency Graph violations :: 0
ERROR:ghastoolkit.octokit:Error code from server :: 500
Dependency Graph
Total Dependency Graph :: 3867
Dependency Graph violations :: 0
Dependency Graph Results - Licensing
Error: Unknown Exception was hit, please report this to https://github.com/advanced-security/policy-as-code
ERROR:root:Unknown Exception was hit, please report this to https://github.com/advanced-security/policy-as-code
ERROR:root:GitHub Server Error (status code: 500)
INFO:root:Total unacceptable alerts :: 3
INFO:root:Skipping threshold break check...
Error: GitHub Server Error (status code: 500)
```
Version
v2 (current major version)
Where are you experiencing the issue?
No response
Relevant log output
Code of Conduct