feat: export findings to securityhub

achoimet · achoimet · commit bd636534568e · 2026-01-06T14:04:24.000+01:00
diff --git a/.github/workflows/reusable-cve-scan.yml b/.github/workflows/reusable-cve-scan.yml
@@ -219,16 +219,11 @@ jobs:
           GIT_SHA=$(git rev-parse HEAD)
           
           jq 'map(
-          .Id = (
-          "'"${GITHUB_REPOSITORY}"'@'"$GIT_SHA"'" + "-" + .Resources[0].Details.Other["CVE ID"]
-          ) |
-          .GeneratorId = (
-          "AquaSecurity/Trivy/" + .Resources[0].Details.Other["CVE ID"]
-          ) |
+          .Id = ("'"${GITHUB_REPOSITORY}"'@'"$GIT_SHA"'" + "-" + .Resources[0].Details.Other["CVE ID"]) |
+          .GeneratorId = ("AquaSecurity/Trivy/" + .Resources[0].Details.Other["CVE ID"]) |
           .ProductName = "Aqua Security" |
           .ProductFields["Product Name"] = "Aqua Security" |
-          .ProductFields["ci/source"] = "github-actions" |
-          )' trivy-findings.json > trivy-findings-fixed.json
+          .ProductFields["ci/source"] = "github-actions")' trivy-findings.json > trivy-findings-fixed.json
           mv trivy-findings-fixed.json trivy-findings.json
 
           # Debug: print a summary of the findings being sent to Security Hub
