checkov-action

Action to output results to file

Open JamesWoolfenden opened this issue 3 years ago • 6 comments

I'd like to be able to upload the output of the runner as a GitHub artifact, and so I need the output as a file.

JamesWoolfenden avatar Mar 06 '21 19:03 JamesWoolfenden

Hey, I'd like to work on this. Do you want the output of these commands in a separate file?:

          version=$(curl -s https://api.github.com/repos/bridgecrewio/checkov/releases/latest | jq -r '.name')
          sed -i'.bkp' -e 's/docker:\/\/bridgecrew\/checkov.*'\''/docker:\/\/bridgecrew\/checkov:'"${version}"''\''/g' action.yml
          rm action.yml.bkp

mohitsaxenaknoldus avatar Oct 02 '21 20:10 mohitsaxenaknoldus

@mohitsaxenaknoldus I think the request is for the output of the checkov cli command, not the output of the GitHub action.

mikelax avatar Oct 04 '21 12:10 mikelax

@mikelax Where exactly is that command being called? I didn't find it in the repo.

mohitsaxenaknoldus avatar Oct 05 '21 10:10 mohitsaxenaknoldus

I was able to just write the `$CHECKOV_RESULTS` to disk with `echo "$CHECKOV_RESULTS" > results.xml` and go from there?

toast-gear avatar Jan 19 '22 11:01 toast-gear

If the output within `CHECKOV_RESULTS` is too extensive, `Argument list too long` might be thrown between operations. The new version of checkov itself has a CLI command parameter that does allow such an operation, `--output-file-path`; it only has to be added in the action for it to work (default value is CLI).

jburgel-ohpen avatar Sep 08 '22 14:09 jburgel-ohpen
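The failure mode described in the comment above, reproduced as an added example that is not part of the original thread or of the checkov-action code. The 8 MiB report size and the function names are constructed for illustration; a real scan would have checkov write the file itself via the `--output-file-path` parameter named in the thread.

```shell
#!/bin/sh
# Constructed stand-in for a large scan report: 8 MiB of text. Linux
# typically rejects any single argv/environment string above 128 KiB and
# caps the combined argv+environment of a new process at a few MiB.
REPORT_BYTES=8388608
make_report() { head -c "$REPORT_BYTES" /dev/zero | tr '\0' 'x'; }

# Failure mode: once the report is exported, every execve() has to carry
# it, so even an unrelated external command cannot start (E2BIG, reported
# by the shell as "Argument list too long").
run_with_report_in_env() {
    (
        CHECKOV_RESULTS=$(make_report)   # shell variable only: still fine
        export CHECKOV_RESULTS           # now part of every child's environment
        cat /dev/null                    # any external command fails here
    ) 2>/dev/null
}

# Robust pattern: stream the report straight into the file. It never
# becomes an argument or environment string, so its size does not matter.
write_report_to_file() {
    make_report > "$1"
}

workdir=$(mktemp -d)
if run_with_report_in_env; then env_status=ok; else env_status=failed; fi
write_report_to_file "$workdir/results.sarif"
bytes=$(wc -c < "$workdir/results.sarif" | tr -d ' ')
echo "exec with report in env: $env_status; bytes written to file: $bytes"
rm -rf "$workdir"
```

Shell builtins such as `echo` are not affected by the limit because no new process is started, which is why the failure only shows up once the oversized variable is part of the environment of a command that has to be executed.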

@jburgel-ohpen Yes, I think that this feature is now fully supported and available for use within the GitHub action. I just looked at a recent action run using this action that ran 15 minutes ago. Notice the file line; it looks like it now creates a file automatically as this action runs, with a default value of `sarif` if no value is provided for the `output_format` parameter.

I can open a PR that adds a new optional parameter named `output_file_path` to this action.

           _               _
       ___| |__   ___  ___| | _______   __
      / __| '_ \ / _ \/ __| |/ / _ \ \ / /
     | (__| | | |  __/ (__|   < (_) \ V /
      \___|_| |_|\___|\___|_|\_\___/ \_/

    By bridgecrew.io | version: 2.1.247
    Update available 2.1.247 -> 2.1.254
    Run pip3 install -U checkov to update

    terraform scan results:

    Passed checks: 1170, Failed checks: 0, Skipped checks: 3

    Wrote output in SARIF format to the file 'results.sarif'

mikelax avatar Oct 03 '22 15:10 mikelax