Add new troubleshooting codeql #17116

Merged 5 commits on Apr 19, 2022

cmwilson21

Why:

Closes 15967

What's being changed:

Changed the second, third, and fourth paragraphs in "Reduce the amount of code being analyzed in a single workflow" section to a reusable titled - "alerts-found-in-generated-code" and created a new section with that same name. The new section was placed after "Lines of code scanned are lower than expected" and before the section "Extraction errors in the database". I'm happy to move it to a different spot if it makes more sense somewhere else.

Check off the following:

  • I have reviewed my changes in staging (look for "Automatically generated comment" and click Modified to view your latest changes).
  • For content changes, I have completed the self-review checklist.

Writer impact (This section is for GitHub staff members only):

  • This pull request impacts the contribution experience
    • I have added the 'writer impact' label
    • I have added a description and/or a video demo of the changes below (e.g. a "before and after video")

github-actions bot added the triage label on Apr 15, 2022
github-actions bot commented Apr 15, 2022

Automatically generated comment ℹ️

This comment is automatically generated and will be overwritten every time changes are committed to this branch.

The table contains an overview of files in the content directory that have been changed in this pull request. It's provided to make it easy to review your changes on the staging site. Please note that changes to the data directory will not show up in this table.


Content directory changes

You may find it useful to copy this table into the pull request summary. There you can edit it to share links to important articles or changes and to give a high-level overview of how the changes in your pull request support the overall goals of the pull request.

| Source | Preview | Production | What Changed |
|---|---|---|---|
| `content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md` | Modified | Original | |

ramyaparimi added the content, waiting for review, and code security labels and removed the triage label on Apr 15, 2022
@ramyaparimi

@cmwilson21
Thanks so much for opening a PR! I'll get this triaged for review ⚡

@felicitymay felicitymay left a comment

Generally looks great - thanks 💖

Reviewing your PR made me realize an oversight in my original suggestion here, but once that's resolved, this should be ready to merge 👍🏻


For languages like Go, JavaScript, Python, and TypeScript, that {% data variables.product.prodname_codeql %} analyzes without compiling the source code, you can specify additional configuration options to limit the amount of code to analyze. For more information, see "[Specifying directories to scan](/code-security/secure-coding/configuring-code-scanning#specifying-directories-to-scan)."

If you split your analysis into multiple workflows as described above, we still recommend that you have at least one workflow which runs on a `schedule` which analyzes all of the code in your repository. Because {% data variables.product.prodname_codeql %} analyzes data flows between components, some complex security behaviors may only be detected on a complete build.
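
Review bot: In the last paragraph, "at least one workflow which runs on a `schedule` which analyzes all of the code" stacks two "which" clauses and is hard to parse; consider "at least one workflow that runs on a `schedule` and analyzes all of the code in your repository". The opening "as described above" also depends on text that is not part of these lines, so the sentence only reads correctly where that earlier text directly precedes it.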

I've only just noticed that this last paragraph refers to the original first paragraph (the one that's not included in this new reusable). 🙈

I think it probably makes sense to move line 5 out of the reusable and back into its original location, after the reusable is called.

Contributor Author

Got it! Pushed the new changes just now :)

@felicitymay felicitymay left a comment

Thanks Courtney, that looks great 💖

🚀

@felicitymay felicitymay enabled auto-merge (squash) April 19, 2022 20:16
@felicitymay felicitymay merged commit 98f1f28 into github:main Apr 19, 2022
@github-actions

Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours. If you're looking for your next contribution, check out our help wanted issues

Successfully merging this pull request may close these issues.

[User feedback] Add new troubleshooting section to CodeQL article