Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add support for downloading internal submodules #109

Open
pravindahal opened this issue Jan 31, 2025 · 1 comment
Open

Add support for downloading internal submodules #109

pravindahal opened this issue Jan 31, 2025 · 1 comment

Comments

@pravindahal
Copy link
Contributor

pravindahal commented Jan 31, 2025
edited
Loading

Example:

Some packages could not be found
View workflow run
4 packages could not be found:

github.com/coopnorge/go-services-interfaces/coopnorge/customerintelligence/v1beta1, github.com/coopnorge/go-services-interfaces/coopnorge/person/v1, github.com/coopnorge/go-identity-lib/interceptor, github.com/coopnorge/go-identity-lib/validator.

Definitions in those packages may not be recognized by CodeQL, and files that use them may only be partially analyzed.

Check that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a custom build command.

ref: https://github.com/coopnorge/member-customer-intelligence/security/code-scanning/tools/CodeQL/status/configurations/actions-FZTWS5DIOVRC653POJVWM3DPO5ZS643FMN2XE2LUPEWXGY3BNYXHSYLNNQ/4eeae8528dd3977f51a07e7e64bef83c376a36b3e5194343eec480d910bb58a8
ref: https://github.com/coopnorge/member-customer-intelligence/actions/runs/12979542062
@pravindahal
Copy link
Contributor Author

I see that it was being worked on here: #78

This was referenced Feb 10, 2025
Merged
Merged
Merged
Merged
Open
Open
Merged
Merged
Open
Open
Merged
Merged
Open
Merged
Open
Open
Merged
Open
Merged
Merged
Open
bendiknesbo pushed a commit to coopnorge/mage-kubernetes-lib that referenced this issue Feb 11, 2025
@pravindahal
chore: Change security-scan workflow to inherit secrets (#64)
d066c18 
Since security scan workflow does not have access to GitHub token, it
cannot download private submodules:
-
coopnorge/github-workflow-supply-chain-security-validation#109

While it only affects repos with go projects which use private/internal
submodules, there are no downsides to having
this in every repo and it helps us keep things consistent.

This PR was automatically generated by a codemod implemented in the
following PR:
- coopnorge/codemod#124
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pravindahal