
Commit 88681f1

fix: address PR review feedback for SARIF summaries
- Escape pipe characters in message text to prevent markdown table corruption - Upload entire codeql-results directory to support multi-language scans
1 parent ba5ec22 commit 88681f1


1 file changed

+3
-3
lines changed


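--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -174,7 +174,7 @@ jobs:
 echo "" >> $GITHUB_STEP_SUMMARY
 echo "| Severity | Rule | Location | Message |" >> $GITHUB_STEP_SUMMARY
 echo "|----------|------|----------|---------|" >> $GITHUB_STEP_SUMMARY
-jq -r '.runs[0].results[] | "| \(.level // "warning") | \(.ruleId // "unknown") | `\(.locations[0].physicalLocation.artifactLocation.uri // "unknown"):\(.locations[0].physicalLocation.region.startLine // "?")` | \(.message.text | gsub("\n"; " ") | .[0:80]) |"' "$sarif" >> $GITHUB_STEP_SUMMARY
+jq -r '.runs[0].results[] | "| \(.level // "warning") | \(.ruleId // "unknown") | `\(.locations[0].physicalLocation.artifactLocation.uri // "unknown"):\(.locations[0].physicalLocation.region.startLine // "?")` | \(.message.text | gsub("\n"; " ") | gsub("\\|"; "\\\\|") | .[0:80]) |"' "$sarif" >> $GITHUB_STEP_SUMMARY
 echo "" >> $GITHUB_STEP_SUMMARY
 echo "</details>" >> $GITHUB_STEP_SUMMARY
 fi
@@ -229,7 +229,7 @@ jobs:
 echo "" >> $GITHUB_STEP_SUMMARY
 echo "| Severity | Rule | Location | Message |" >> $GITHUB_STEP_SUMMARY
 echo "|----------|------|----------|---------|" >> $GITHUB_STEP_SUMMARY
-jq -r '.runs[0].results[] | "| \(.level // "warning") | \(.ruleId // "unknown") | `\(.locations[0].physicalLocation.artifactLocation.uri // "unknown"):\(.locations[0].physicalLocation.region.startLine // "?")` | \(.message.text | gsub("\n"; " ") | .[0:80]) |"' trivy-results.sarif >> $GITHUB_STEP_SUMMARY
+jq -r '.runs[0].results[] | "| \(.level // "warning") | \(.ruleId // "unknown") | `\(.locations[0].physicalLocation.artifactLocation.uri // "unknown"):\(.locations[0].physicalLocation.region.startLine // "?")` | \(.message.text | gsub("\n"; " ") | gsub("\\|"; "\\\\|") | .[0:80]) |"' trivy-results.sarif >> $GITHUB_STEP_SUMMARY
 echo "" >> $GITHUB_STEP_SUMMARY
 echo "</details>" >> $GITHUB_STEP_SUMMARY
 fi
@@ -246,7 +246,7 @@ jobs:
 if: ${{ !inputs.skip_code_scans && env.UPLOAD_SCAN_SARIF == 'true' }}
 uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7
 with:
-sarif_file: codeql-results/java.sarif
+sarif_file: codeql-results
 category: 'codeql'
 - name: Upload Trivy scan results to GitHub Security tab
 if: ${{ !inputs.skip_code_scans && env.UPLOAD_SCAN_SARIF == 'true' }}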
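Review bot: The replacement string in the new `gsub("\\|"; "\\\\|")` (new lines 177 and 232) is the jq literal for two backslashes plus a pipe, so each `|` in a message is written as `\\|`; GitHub's table parser is likely to read that as an escaped backslash followed by a live cell delimiter, which would leave the table as breakable as before. A single backslash is what the Markdown escape needs: `gsub("\\|"; "\\|")`. Escaping before `.[0:80]` can also cut an escape pair in half at the 80-character boundary, so truncating first and escaping second is safer. The `ruleId` and `artifactLocation.uri` cells are still interpolated unescaped, and SARIF text can derive from the scanned sources, so routing all three cells through one shared escape filter would close the remaining gap; a fixture message containing `|` would confirm the rendering.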
