🛡️ Checkov SARIF Summary Action

This custom JavaScript GitHub Action reads a SARIF file generated by Checkov, extracts security and compliance findings, and writes a clean markdown summary into the GitHub Actions UI using GITHUB_STEP_SUMMARY.

📦 What It Does

Parses a results.sarif file.
Extracts rule metadata, affected files, line ranges, severity, and code snippets.
Outputs:
- A markdown table of all findings.
- A detailed section with inline code snippets for each finding.

This is especially useful for surfacing Checkov results clearly in the GitHub Actions summary tab.

🛠 Usage Example

jobs:
  checkov-summary:
    runs-on: ubuntu-latest
    steps:
      - name: 📋 Summarize and Print Checkov Scan Report with Snippets
        uses: subhamay-bhattacharyya-gha/checkov-report-action@main

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
node_modules		node_modules
.gitignore		.gitignore
CHANGELOG.md		CHANGELOG.md
CODEOWNERS		CODEOWNERS
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
VERSION		VERSION
action.yaml		action.yaml
main.js		main.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

🛡️ Checkov SARIF Summary Action

📦 What It Does

🛠 Usage Example

About

Uh oh!

Releases 1

Uh oh!

Contributors 2

Uh oh!

Languages

License

subhamay-bhattacharyya-gha/checkov-report-action

Folders and files

Latest commit

History

Repository files navigation

🛡️ Checkov SARIF Summary Action

📦 What It Does

🛠 Usage Example

About

Topics

Resources

License

Code of conduct

Uh oh!

Stars

Watchers

Forks

Releases 1

Uh oh!

Contributors 2

Uh oh!

Languages