sast-scan icon indicating copy to clipboard operation
sast-scan copied to clipboard

Published 20 hours ago verified publisher icon ShiftLeftSecurity

Not able to see scan result in dev azure due to sarif file empty

Open anime-shed opened this issue 9 months ago • 0 comments

HTML contains scan result but sarif file is empty image

image

Yml for pipeline:

trigger:
  branches:
    include:
      - master
pool:
 vmImage: ubuntu-latest

container: shiftleft/sast-scan:latest

steps:
    - script: scan --build --type depscan --out_dir $(Build.ArtifactStagingDirectory)/CodeAnalysisLogs
      displayName: "Perform Vulnerability Scan"
      continueOnError: "true"

    - task: PublishBuildArtifacts@1
      displayName: "Publish scan logs"
      inputs:
        PathtoPublish: '$(Build.ArtifactStagingDirectory)/CodeAnalysisLogs'
        ArtifactName: 'CodeAnalysisLogs'
        publishLocation: 'Container'
        StoreAsTar: true

anime-shed avatar May 24 '24 11:05 anime-shed