Hi Mracel,
Good effort and great work and I have just started learning GitActions. I am getting an error when i run the foundation yaml to create the RGs and its for the Update SARIF file
Error: repository not enabled for code scanning
I am using a private github and I cant find a way to enable this code scanning?
Microsoft DevOps MVP | DevOps Architect | Technical speaker focused on Microsoft technologies, IaC and automation in Azure. Find me on GitHub: https://github.com/Pwd9000-ML
Hi @mostafaameenhashim.
That’s wonderful to hear that you are learning about GitHub Actions.
Did you say you have a private repository. If you are using a Private repository the following applies for code scanning:
If you’re using a private repository you will need GitHub Advanced Security, it is available for enterprise accounts on GitHub Enterprise Cloud and GitHub Enterprise Server 3.0 or higher.
GitHub Advanced Security is automatically included in all public repositories. So if you use a public repo it will work fine. If not you will need GitHub enterprise.
But, you can however set the TFSEC input on the Action to false if you are using a private repo and don’t have an enterprise account and don’t want to use a public repo.
In this case if you do want to use TFSEC have a look at my other blog post on how you can still use TFSEC using VsCode extension here: dev.to/pwd9000/iac-scanning-with-t...
Microsoft DevOps MVP | DevOps Architect | Technical speaker focused on Microsoft technologies, IaC and automation in Azure. Find me on GitHub: https://github.com/Pwd9000-ML
@mostafaameenhashim
I have also now added the setting to be optional on re-usable workflows and also updated the blog post slightly to give extra guidance and information if you are using a Private repository and don't have a GitHub enterprise account :)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hi Mracel,
Good effort and great work and I have just started learning GitActions. I am getting an error when i run the foundation yaml to create the RGs and its for the Update SARIF file
Error: repository not enabled for code scanning
I am using a private github and I cant find a way to enable this code scanning?
Thanks
Hi @mostafaameenhashim.
That’s wonderful to hear that you are learning about GitHub Actions.
Did you say you have a private repository. If you are using a Private repository the following applies for code scanning:
If you’re using a private repository you will need GitHub Advanced Security, it is available for enterprise accounts on GitHub Enterprise Cloud and GitHub Enterprise Server 3.0 or higher.
GitHub Advanced Security is automatically included in all public repositories. So if you use a public repo it will work fine. If not you will need GitHub enterprise.
But, you can however set the TFSEC input on the Action to false if you are using a private repo and don’t have an enterprise account and don’t want to use a public repo.
In this case if you do want to use TFSEC have a look at my other blog post on how you can still use TFSEC using VsCode extension here: dev.to/pwd9000/iac-scanning-with-t...
@mostafaameenhashim
I have also now added the setting to be optional on re-usable workflows and also updated the blog post slightly to give extra guidance and information if you are using a Private repository and don't have a GitHub enterprise account :)