Update README with upload-sarif v2
rm3l committed Jul 2, 2022
1 parent f27c9ce commit 66e9b68
Showing 1 changed file with 32 additions and 17 deletions.
49 changes: 32 additions & 17 deletions README.md
@@ -27,22 +27,37 @@ Path to the SARIF report generated.
## Example usage

```yaml
- name: Scan Container Image
id: scan
uses: Azure/container-scan@v0.1
with:
image-name: my-container-image
jobs:
scan:
runs-on: ubuntu-latest
permissions:
#
# Below are permissions required for the upload-sarif Action.
# More details here: https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github
#

# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read
steps:
- name: Scan Container Image
id: scan
uses: Azure/container-scan@v0.1
with:
image-name: my-container-image

- name: Convert Container Scan Report to SARIF
id: scan-to-sarif
uses: rm3l/container-scan-to-sarif-action@v1
if: ${{ always() }}
with:
input-file: ${{ steps.scan.outputs.scan-report-path }}

- name: Upload SARIF reports to GitHub Security tab
uses: github/codeql-action/upload-sarif@v1
if: ${{ always() }}
with:
sarif_file: ${{ steps.scan-to-sarif.outputs.sarif-report-path }}
- name: Convert Container Scan Report to SARIF
id: scan-to-sarif
uses: rm3l/container-scan-to-sarif-action@v1
if: ${{ always() }}
with:
input-file: ${{ steps.scan.outputs.scan-report-path }}

- name: Upload SARIF reports to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: ${{ always() }}
with:
sarif_file: ${{ steps.scan-to-sarif.outputs.sarif-report-path }}
```
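
Review bot: The `if: ${{ always() }}` on the convert and upload steps also runs them when the scan step failed before writing a report, or when the run was cancelled, so `steps.scan.outputs.scan-report-path` and `steps.scan-to-sarif.outputs.sarif-report-path` can be empty and the later steps may then fail for a reason unrelated to the scan result. Consider a condition such as `${{ !cancelled() && steps.scan.outputs.scan-report-path != '' }}` on the convert step, with the matching check on the SARIF path for the upload step. Separately, the job now holds `security-events: write` while all three actions are referenced by mutable tags (`@v0.1`, `@v1`, `@v2`); the README example could show them pinned to full commit SHAs with the tag kept in a trailing comment.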
