update sbom pipeline

- upload SARIF report
Gepardec · Jul 5, 2024 · e4d70d2 · e4d70d2
1 parent d90cf10
commit e4d70d2
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/.github/workflows/sbom.yaml b/.github/workflows/sbom.yaml
@@ -27,7 +27,12 @@ jobs:
 
       - name: Scan current project
         uses: anchore/scan-action@v3
+        id: scan
         with:
           path: "."
           fail-build: false
-          output-format: table
+
+      - name: Upload anchore scan SARIF report
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: ${{ steps.scan.outputs.sarif }}