[GitHub Commenter] WARNING: Empty table records of issue BlackDuckHubResults from BlackDuck

[harsharora001]

While running the GitHub action for Blackduck, I can see the results properly, but the comments are not coming as PR comments

Action:

name: Perform Blackduck checkout
id: bd-scan
uses: synopsys-sig/[email protected]
env:
DETECT_PROJECT_NAME: '${{ env.blackduckProjectName }}'
DETECT_PROJECT_VERSION_NAME: master
DETECT_PARENT_PROJECT_NAME: master-project
DETECT_PARENT_PROJECT_VERSION_NAME: master
DETECT_PROJECT_DESCRIPTION: '${{ env.blackduckProjectName }}'
DETECT_TOOLS_EXCLUDED: SIGNATURE_SCAN
DETECT_WAIT_FOR_RESULTS: TRUE
DETECT_RISK_REPORT_PDF: TRUE
DETECT_POLICY_CHECK_FAIL_ON_SEVERITIES: BLOCKER,CRITICAL,MAJOR,MINOR
DETECT_TIMEOUT: 3600
LOGGING_LEVEL_COM_SYNOPSYS_INTEGRATION: DEBUG
DETECT_RISK_REPORT_PDF_PATH: ./bd-scan
DETECT_OUTPUT_PATH: ./bd-scan
DETECT_PROJECT_CODELOCATION_UNMAP: true
# DETECT_BLACKDUCK_RAPID_COMPARE_MODE: ALL
with:
blackduck_token: ${{ env.blackduckAuth }}
blackduck_url: ${{ secrets.DS_BLACKDUCK_URL }}
github_token: ${{ secrets.GITHUB_TOKEN }}
blackduck_scan_full: false
blackduck_automation_fixpr: false
blackduck_prComment_enabled: true
blackduck_scan_failure_severities: 'BLOCKER,CRITICAL,MAJOR,MINOR'
include_diagnostics: true

Github action logs

202***-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- ======== Detect Result ========
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Rapid Scan Result: (for more detail look in the log for Rapid Scan Result Details)
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Critical and blocking policy violations for
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * Components: 0
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * Security: 0
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * License: 0
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Other policy violations
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * Components: 3
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * Security: 11
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- * License: 0
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Policies Violated:
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- High Security Vulnerability
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Medium Security Vulnerability
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Components with Policy Violations:
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Components with Policy Violation s:
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Lodash .6.0 (npmjs:lodash.omitby/.6.0)
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- follow-redirects 1.15.5 (npmjs:follow-redirects/1.15.5)
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- ===== Transitive Guidance =====
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Transitive upgrade guidance:
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Upgrade component axios/1.6.0 to version 1.6.8 in order to upgrade transitive component follow-redirects/1.15.5
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- ======== Detect Stat ========
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- GIT: SUCCESS
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- NPM: SUCCESS
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Overall Stat: SUCCESS - Detect exited successfully.
202***-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- ===============================
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: ---
202-05-25 :30:31.0000 UTC [Blackduck Execution] [main] INFO: --- Detect duration: 00h 01m 26s 268ms
202-05-25 :30:31.1515 UTC [Blackduck Execution] INFO: Provided value for resource 'blackduck.completed'
202-05-25 :30:31.1515 UTC [Blackduck Execution] DEBUG: Provided value '' for resource 'blackduck.completed'
202***-05-25 :30:31.1522 UTC [Blackduck Execution] INFO: Provided value for resource 'blackduck.results.path'
202-05-25 :30:31.1523 UTC [Blackduck Execution] DEBUG: Provided value '/home/runner/work//.bridge/Blackduck Execution/detect' for resource 'blackduck.results.path'
202***-05-25 :30:31.1527 UTC [Blackduck Execution] INFO: Adapter finished
202-05-25 :30:31.2980 UTC [Synopsys Bridge] INFO: Starting adapters for stage githubprcomment
202-05-25 :30:31.2898 UTC [Blackduck Results] DEBUG: reading report file "/home/runner/work//.bridge/Blackduck Execution/detect/runs/202***-05-25--29-07-186/scan/_master_BlackDuck_DeveloperMode_Result.json"
202***-05-25 :30:31.738 UTC [Blackduck Results] INFO: *** retrieved successfully
202-05-25 :30:31.2981 UTC [SCM Checker] INFO: Adapter finished
202-05-25 :30:31.2981 UTC [Synopsys Bridge] INFO: Starting Adapter: GitHub Commenter
202-05-25 :30:31.5502 UTC [Blackduck Results] INFO: Added entry to resource 'commenter.issues'
202-05-25 :30:31.5502 UTC [Blackduck Results] DEBUG: Added entry 'BlackDuckHubResults' to resource 'commenter.issues.[0].uid'
202-05-25 :30:31.5502 UTC [Blackduck Results] DEBUG: Added entry '
x Found dependencies violating policy!
' to resource 'commenter.issues.[0].commentTable.description'
202-05-25 :30:31.5502 UTC [Blackduck Results] DEBUG: Added entry '[Policies Violated Dependency License(s) Vulnerabilities Short Term Recommended Upgrade Long Term Recommended Upgrade]' to resource 'commenter.issues.[0].commentTable.heads'
202-05-25 :30:31.5502 UTC [Blackduck Results] DEBUG: Added entry 'table' to resource 'commenter.issues.[0].commentType'
202-05-25 :30:31.5502 UTC [Blackduck Results] DEBUG: Added entry 'BlackDuck' to resource 'commenter.issues.[0].from'
202-05-25 :30:31.550 UTC [Blackduck Results] INFO: Adapter finished
202-05-25 :30:31.595 UTC [Blackduck Component Locator] INFO: skipping fix pull requests creation as "blackduck.automation.fixpr" or "blackduck.fixpr.enabled" is configured to ***
202***-05-25 :30:31.6067 UTC [Blackduck Component Locator] INFO: Adapter finished
202-05-25 ***:30:31.6539 UTC [GitHub Commenter] INFO: will e default GitHub API URL "https://api.github.com/", as "github.api.url" and "github.host.url" is not configured
202-05-25 :30:32.6915 UTC [GitHub Commenter] WARNING: Empty table records of issue BlackDuckHubResults from BlackDuck
202-05-25 :30:32.70 UTC [GitHub Commenter] INFO: Adapter finished

[anitakrueger]

Did you get this working @harsharora001 ? I'd like to get PR comments working for our blackduck scans for visibility, but am getting the same warning despite there being security warnings in the detect rapid scan results.