Use Scanning v2 (#16)

Changed the action to leverage on Sysdig cli scanner (Scanning V2 engine)
dark-vex · Jan 30, 2024 · c1f15f1 · c1f15f1
1 parent ca73338
commit c1f15f1
Showing 1 changed file with 4 additions and 9 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -69,29 +69,24 @@ jobs:
         with:
           username: ${{ secrets.DOCKER_USER }}
           password: ${{ secrets.DOCKER_PASS }}
-
-      #- name: Download artifact
-      #  uses: actions/download-artifact@v2
-      #  with:
-      #    name: Save image version
 
       - name: Generate static files
         run: |
           docker pull docker.io/darkvex/fail-builder:arlo-fail-nginx
       - name: Scan image
         id: scan
-        uses: sysdiglabs/scan-action@v3
+        uses: sysdiglabs/scan-action@v4
         with:
           image-tag: "docker.io/darkvex/fail-builder:arlo-fail-nginx"
           sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
           input-type: docker-daemon
           run-as-user: root
 
       - name: Update Scan results
-        uses: github/codeql-action/upload-sarif@v1
-        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        if: success() || failure()
         with:
-          sarif_file: ${{ steps.scan.outputs.sarifReport }}
+          sarif_file: ${{ github.workspace }}/sarif.json
 
 #  deploy:
 #    runs-on: ubuntu-latest