Microsoft DevOps Engineer Expert AZ-400 Practice Question
You are configuring a GitHub Actions workflow for a repository containing several Go-based microservices. The build job must run inside the golang:1.21-alpine container, specified using the container keyword, to maintain consistency with production images. When you add the CodeQL action to this job, the init step fails because the CodeQL CLI is incompatible with Alpine Linux. You must perform CodeQL analysis on pull requests, but the primary build artifact must still be generated from the alpine container. Which modification meets all requirements?
In the existing job, build the code, and then pass the compiled binaries as artifacts to a second job that runs the CodeQL analyze step.
Add CODEQL_RUN_IN_ALPINE=true to the job's environment variables to enable a compatibility mode for Alpine Linux.
In the existing job, add a step to install a glibc compatibility layer inside the Alpine container before the CodeQL init step runs.
Create a second job that runs on an ubuntu-latest runner. This job will check out the code and use the CodeQL action to initialize, build, and analyze the Go code.
The CodeQL CLI requires a glibc-based Linux environment and is not compatible with musl-based distributions like Alpine Linux. Because the build must occur in the golang:1.21-alpine container, you cannot run the CodeQL analysis steps within that same job. The correct approach is to create a second, separate job that runs in a supported environment, such as the default ubuntu-latest runner. This new job checks out the code and performs its own build (using autobuild or explicit commands) solely for CodeQL to analyze. The original build job can run independently to produce the required production artifact. Passing compiled binaries is incorrect because CodeQL for Go needs to monitor the build process itself. Installing a glibc compatibility layer is overly complex and not a recommended or reliable solution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is CodeQL incompatible with Alpine Linux?
Open an interactive chat with Bash
Why is it better to use a second job for CodeQL analysis in `ubuntu-latest`?
Open an interactive chat with Bash
Why can't compiled binaries be passed for CodeQL analysis?
Open an interactive chat with Bash
Microsoft DevOps Engineer Expert AZ-400
Develop a security and compliance plan
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .