Skip to content

Remove Anchore workflow causing SARIF upload failures#23

Merged
parkcheolhong merged 3 commits intomainfrom
copilot/fix-code-scanning-error
Dec 14, 2025
Merged

Remove Anchore workflow causing SARIF upload failures#23
parkcheolhong merged 3 commits intomainfrom
copilot/fix-code-scanning-error

Conversation

Copy link
Contributor

Copilot AI commented Dec 14, 2025
edited
Loading

Code Scanning was rejecting SARIF uploads from the Anchore workflow, which attempted to build and scan a non-existent Docker image.

Changes

  • Removed .github/workflows/anchore.yml - container scanning is not applicable to this web application repository

Context

This repository contains a static web application (HTML/CSS/JavaScript) and GitHub Actions workflows. The Anchore workflow was attempting to:

- name: Build the Docker image
  run: docker build . --file Dockerfile --tag localbuild/testimage:latest

No Dockerfile exists, causing the build to fail and generating invalid SARIF output.

Remaining security workflows (codeql.yml for Actions scanning) are appropriate for this repository type.

Original prompt

Error: Code Scanning could not process the submitted SARIF file:

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 2 commits December 14, 2025 04:11
Copilot AI changed the title [WIP] Fix processing error for submitted SARIF file Remove Anchore workflow causing SARIF upload failures Dec 14, 2025
Copilot AI requested a review from parkcheolhong December 14, 2025 04:14
@parkcheolhong parkcheolhong marked this pull request as ready for review December 14, 2025 04:14
Copilot AI review requested due to automatic review settings December 14, 2025 04:14
@parkcheolhong parkcheolhong merged commit d3da4e8 into main Dec 14, 2025
3 of 4 checks passed
@parkcheolhong parkcheolhong deleted the copilot/fix-code-scanning-error branch December 14, 2025 04:14
Copilot AI reviewed Dec 14, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the Anchore container scanning workflow that was causing SARIF upload failures in GitHub Code Scanning. The workflow attempted to build and scan a Docker image but was generating invalid SARIF output.

Key changes:

  • Removed .github/workflows/anchore.yml containing the Anchore container vulnerability scanning workflow

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@parkcheolhong parkcheolhong Awaiting requested review from parkcheolhong

Assignees

@parkcheolhong parkcheolhong

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@parkcheolhong