Kshitiz-Mhto commented on code in PR #1438:
URL: https://github.com/apache/streampipes/pull/1438#discussion_r1158775198
##########
.github/workflows/osv-scanner.yml:
##########
@@ -21,15 +21,23 @@ on:
jobs:
run-osv-scanner:
+
name: Run OSV Scanner
runs-on: ubuntu-latest
+
steps:
+
- name: Checkout
uses: actions/checkout@v3
+
+ - name: Pull OSV Scanner Docker image
+ run: docker pull ghcr.io/google/osv-scanner:latest
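Review bot: `docker pull ghcr.io/google/osv-scanner:latest` pins nothing, so the scanner this workflow runs is whichever image was most recently pushed under that tag; for a step whose purpose is supply-chain hygiene, reference a specific version tag or, better, an image digest and bump it deliberately. If the scan itself is then invoked with `uses: docker://ghcr.io/google/osv-scanner:latest`, as the comment below describes, the runner pulls the image on its own and this separate pull step is redundant. The four added blank lines (`+` with no content) are whitespace churn and could be dropped.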
Review Comment:
I did try it in my repo with this approach, but I am having trouble
generating the `VULNERABILITY.md` file that will contain the results. I
implemented it as:
```
- name: Scan for vulnerabilities
  id: osv_scan
  uses: docker://ghcr.io/google/osv-scanner:latest
  with:
    args: --format markdown -r .
  continue-on-error: true
```
- I cannot place `grep -vE '^Scanned.*packages$' > VULNERABILITY.md` in
`args`
- I tried with `${{ steps.osv_scan.outputs.stdout }}` and
`${{ steps.osv_scan.outputs.result }}` in another step, but it did not work:
```
- name: Save scan output to file
  run: echo "${{ steps.osv_scan.outputs.stderr }}" | grep -vE '^((Scanning|Scanned).*)$' > VULNERABILITY.md
```
- If we use `outputs:` to define the output of the osv-scanner job, then we
will need to create another job to use that output.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
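The comment above is stuck on getting the scanner's markdown output into a file, because the `args` input of a `uses: docker://...` step cannot carry a pipe or a redirection. The following is an added example, not code from the StreamPipes workflow or from the commenter: it is the shell body a single `run:` step could execute instead, invoking the image with `docker run` so the report can be filtered and redirected in the same step. The image tag (a digest should be pinned in CI), the `/src` mount path, the `OSV_IMAGE` variable and the output file name are assumptions, and `SAMPLE_OUTPUT` is a constructed stand-in for real scanner output so the filter can be exercised offline.

```shell
#!/bin/sh
# Added example, not part of the StreamPipes workflow or the reviewer's code:
# body of one `run:` step that calls the OSV Scanner image directly, so the
# report can be written to VULNERABILITY.md from the same step.
# Assumptions: image tag (pin a digest in CI), /src mount path, output file
# name; SAMPLE_OUTPUT below is constructed, not real scanner output.
set -u

# Drop the progress lines ("Scanning dir ...", "Scanned ... packages") that
# precede the markdown table, keeping only the report itself.
# `|| true` because grep exits 1 when every line was filtered out (no table).
filter_scan_output() {
    grep -vE '^(Scanning|Scanned) ' || true
}

# Scan the checked-out repository and write the filtered markdown report.
# The scanner's own exit status is returned unchanged (non-zero when it
# reported findings), so the workflow decides whether the job fails; give the
# step `continue-on-error: true` if the file must be produced regardless.
run_osv_scan() {
    out="${1:-VULNERABILITY.md}"
    image="${OSV_IMAGE:-ghcr.io/google/osv-scanner:latest}"   # assumption
    raw="$(mktemp)"
    # stdout carries the report; stderr is left in the job log for debugging.
    docker run --rm -v "$PWD:/src" "$image" --format markdown -r /src > "$raw"
    rc=$?
    filter_scan_output < "$raw" > "$out"
    rm -f "$raw"
    return "$rc"
}

# Constructed sample of scanner output: two progress lines, then the table
# header, separator and one placeholder row (no real finding).
SAMPLE_OUTPUT='Scanning dir /src
Scanned /src/pom.xml file and found 2 packages
| OSV URL | CVSS | Ecosystem | Package | Version | Source |
| --- | --- | --- | --- | --- | --- |
| <osv url> | <score> | Maven | <group:artifact> | <version> | pom.xml |'

# Run the filter over the constructed sample; prints only the table lines.
filtered_sample() {
    printf '%s\n' "$SAMPLE_OUTPUT" | filter_scan_output
}

# Offline demonstration (no docker needed): shows the three surviving lines.
filtered_sample
```

In the workflow this replaces both the `uses: docker://...` step and the attempt to read `steps.osv_scan.outputs.*`, which a Docker container action never sets; the produced `VULNERABILITY.md` can then be committed or uploaded by a following step in the same job, so no second job with `outputs:` is required.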