-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error: "filepath does not represent a valid path" #11
Comments
Hi @dominic-oconnor : thanks for reporting this. I think this is a documentation miss. What we're actually looking for in You can see a sample of a Github workflow that uses this action here: https://github.com/tjarrettveracode/.github/blob/main/workflow-templates/policyscan-java.yml Note that this example actually performs a Maven build, which may not apply for your project, but the portion that invokes the action should help clarify how to use this parameter. We'll work on clarifying this in the documentation, so I'll keep this ticket open until we do. |
Ahhh got it. Thanks! 🚀 |
Can you please explain this snippet to me: - uses: actions/upload-artifact@v2 # Copy files from repository to docker container so the next uploadandscan action can access them.
with:
path: '**/*.war' # Wildcards can be used to filter the files copied into the container. See: https://github.com/actions/upload-artifact How exactly does uploading an artifact to Github place it into the container? I'm struggling to get this working with the same error as @dominic-oconnor, and can't make heads or tails of what is happening or why it's failing. I've tried specifying the fully-qualified path to a zip file, and it is declared invalid. I've also tried uploading an artifact and setting filepath to the name of the artifact, but it is also invalid. My zip file is created successfully, and I can get the scans to run just fine if I manually use the JAR from Here's my setup, any help is appreciated: integration_tests:
name: Run Veracode
needs: get_projects
runs-on: ubuntu-latest
defaults:
run:
shell: bash
strategy:
max-parallel: 8
fail-fast: false
matrix:
project_dir: ${{ fromJson(needs.get_projects.outputs.matrix) }}
steps:
- uses: actions/checkout@v2
- name: Get Project Name
uses: actions/github-script@v4
id: project-name
with:
script: |
const regex = /Ecomm.*/;
const projectName = '${{ matrix.project_dir }}'.match(regex)[0];
console.log(projectName);
core.setOutput('projectName', projectName);
- name: Setup dotnet 5.0.x
uses: actions/[email protected]
with:
dotnet-version: 5.0.x
- name: Run Build
run: dotnet build --output ./output
working-directory: ${{ matrix.project_dir }}
- uses: actions/upload-artifact@v2
with:
path: |
${{ matrix.project_dir }}/output/${{ steps.project-name.outputs.projectName }}*.dll
${{ matrix.project_dir }}/output/${{ steps.project-name.outputs.projectName }}*.pdb
- uses: veracode/veracode-uploadandscan-action@master
with:
appname: ${{ steps.project-name.outputs.projectName }}
createprofile: 'true'
filepath: '${{ matrix.project_dir }}/output/'
vid: ${{ secrets.VERACODE_API_ID }}
vkey: ${{ secrets.VERACODE_API_KEY }}
createsandbox: 'true'
sandboxname: Development Sandbox
scantimeout: 60
deleteIncompleteScan: 'true'
criticality: VeryHigh |
Hi @bharrison-wingstop -- sorry for the confusion. My sample script is set up to perform building and scanning in different jobs, which is why I'm capturing the results of the build as an artifact in between. If you're doing everything in one job, you don't need In your case, I think you just need to make sure of the following:
In your case, though, since you're uploading EXE and DLL files, I'd recommend zipping those up first and then just specifying the zip file name for the Hope this is helpful. |
Edit: I tried several different existing directories, creating a new directory, removing wildcards and giving the a complete filename.... The only strategy that got my workflow to success was zipping both files into the working directory and passing only the filename to this action:
Hi @tjarrettveracode
All receiving the same result of invalid filepath. According to the help files, tar is supported so that shouldn't be the issue. My code:
Runner performing a check for the files
Inputs at the start of the Veracode job
However, still receiving the not found error
|
Hi @JohnARauchwarter , yes, sorry my response was delayed and thanks for posting the solution you found. The action currently can only upload from within the current working directory or a subdirectory. The |
@tjarrettveracode Hi ! I think I'm also hitting the issue a bit hard here, I can see that my runner is mounting a volume to start the action, and it should make the folder of my files available in I just tried the example |
Okay, for those who might be struggling, add another step before the action: - name: Find files for upload and move them
run: pwd && find . -name *.war -exec mv -t . {} + && ls -lia |
I ran into something similar and the only thing that worked for me was passing in the .zip file without anything else. See below
|
I've tried many different formats for the filepath and I get the same "filepath does not represent a valid path." error every time.
The README documentation includes this snippet:
which suggests I should use a relative path with a trailing forward slash. The folder I want to upload is named "api" and is in the top level of my project. I've tried
api/
,api
,/api
, and/api/
and I get the same error.Full output from the action is below:
The text was updated successfully, but these errors were encountered: