trivy-action
trivy-action copied to clipboard
Published
20 hours ago •
aquasecurity
aquasecurity
Unable to upload Sarif to CodeQL
Looks to be same as: https://github.com/aquasecurity/tfsec/issues/1955 ... Maybe a new tag needs to be cut?
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@master
with:
scan-type: "config"
format: "sarif"
output: sarif.json
ignore-unfixed: true
hide-progress: false
exit-code: 1
# Uploads report via CodeQL.
- name: Upload scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: sarif.json
Error Output
Building SARIF report with options: --exit-code 1 .
Run github/codeql-action/upload-sarif@v2
Uploading results
Waiting for processing to finish
Error: Code Scanning could not process the submitted SARIF file:
SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file"
InvalidRequestError: Code Scanning could not process the submitted SARIF file:
SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file"
at Object.waitForProcessing (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:351:23)
at async run (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:57:13)
at async runWrapper (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:72:9)
