Update main.yml

.github/workflows/main.yml

@@ -86,9 +86,21 @@ jobs:
 
                 echo "Exploded $jarfile into $exploded_dir"
           done
+      
       - name: Scan a specific path with Trivy
         uses: aquasecurity/trivy-action@master
         with:
-          scan-type: 'fs'
-          path: '/home/runner/work/OHDSI-ArachneCommons/OHDSI-ArachneCommons/target'  # Replace with the actual path you want to scan
-          severity: 'CRITICAL,HIGH'
+          scan-type: 'fs'  # Filesystem scan
+          path: '/home/runner/work/OHDSI-ArachneCommons/OHDSI-ArachneCommons/target'
+          format: 'json'  # Output in JSON format
+          output: '/home/runner/work/OHDSI-ArachneCommons/OHDSI-ArachneCommons/trivy-results.json'  # Save results to trivy-results.json file
+
+      - name: Covert Trivy to CSV 
+        run: |
+          jq -r '.Results[] | select(.Vulnerabilities != null) | .Vulnerabilities[] | [.SeveritySource, .VulnerabilityID, .PkgName, .PkgPath, .InstalledVersion, .FixedVersion, .Status, .Severity] | @csv' /home/runner/work/OHDSI-ArachneCommons/OHDSI-ArachneCommons/trivy-results.json > OHDSI-ArachneCommons.csv
+      - name: Upload Reports
+        uses: actions/upload-artifact@v4
+        with:
+          name: trivy-reports
+          path: |
+            OHDSI-ArachneCommons.csv