feat: Update permissions + add upload step

GeekMasher · GeekMasher · commit 3dc8ff42442e · 2024-11-18T11:34:18.000Z
diff --git a/.github/workflows/container-security.yml b/.github/workflows/container-security.yml
@@ -31,6 +31,7 @@ jobs:
 
     permissions:
       contents: read
+      security-events: write
 
     steps:
       - name: Checkout repository
@@ -62,6 +63,12 @@ jobs:
           only-fixed: true
           fail-build: ${{ inputs.scanning-block }}
 
+      - name: Upload SARIF artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: sarif
+          path: ${{ steps.scan.outputs.sarif }}
+
       - name: Upload vulnerability report
         uses: github/codeql-action/upload-sarif@v3
         with:
