From 3445d5abc4a9381e5297023efde7c3d7d41be24a Mon Sep 17 00:00:00 2001
From: Danny Koppenhagen <Danny.Koppenhagen@deutschebahn.com>
Date: Wed, 25 Dec 2024 20:17:51 +0100
Subject: [PATCH] ci: echo URL

---
 .github/workflows/docker.yml | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index c8b2d78c..f4e507bb 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -16,8 +16,24 @@ jobs:
         uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: "trivy-explorer"
-          format: "table"
-          exit-code: "1"
+          output: trivy-report.json
+          format: json
+          exit-code: "0"
           ignore-unfixed: true
           vuln-type: "os,library"
-          severity: "CRITICAL,HIGH"
+          severity: "CRITICAL"
+      - name: Upload Vulnerability Scan Results
+        uses: actions/upload-artifact@v4
+        with:
+          name: trivy-report
+          path: trivy-report.json
+          retention-days: 30
+      - name: Get the JSON Report Download URL
+        id: get_report_url
+        run: |
+          repo_url="https://raw.githubusercontent.com/${{ github.repository }}/${{ github.ref_name }}/trivy-report.json"
+          echo "::set-output name=report_url::${repo_url}"
+      - name: Display Vulnerability Report URL
+        run: |
+          echo "You can view the vulnerability report here:"
+          echo "https://dbsystel.github.io/trivy-vulnerability-explorer/#/?url=${{ steps.get_report_url.outputs.report_url }}"