From 467dae72d29753fe0557dd389785c3f45f87ae51 Mon Sep 17 00:00:00 2001
From: nclsbayona <59931437+nclsbayona@users.noreply.github.com>
Date: Wed, 6 Mar 2024 21:48:45 -0500
Subject: [PATCH] Update codeql-analysis.yml
---
 .github/workflows/codeql-analysis.yml | 37 +++++++++++++--------------
 1 file changed, 18 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 80c6681..b013f10 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -46,25 +46,24 @@ jobs:
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v2
- build:
- name: Build
- runs-on: ubuntu-20.04
- steps:
- - name: Checkout code
- uses: actions/checkout@v4
+ # build:
+ # name: Build
+ # runs-on: ubuntu-20.04
+ # steps:
+ # - name: Checkout code
+ # uses: actions/checkout@v4
- - name: Build an image from Dockerfile
- run: |
- docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
+ # - name: Build an image from Dockerfile
+ # run: docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
- - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@master
- with:
- image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
- format: 'sarif'
- output: 'trivy-results.sarif'
+ # - name: Run Trivy vulnerability scanner
+ # uses: aquasecurity/trivy-action@master
+ # with:
+ # image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
+ # format: 'sarif'
+ # output: 'trivy-results.sarif'
- - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v2
- with:
- sarif_file: 'trivy-results.sarif'
+ # - name: Upload Trivy scan results to GitHub Security tab
+ # uses: github/codeql-action/upload-sarif@v2
+ # with:
+ # sarif_file: 'trivy-results.sarif'
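Review bot: Nothing in the file or the commit message records why the `build` job (image build, Trivy scan, SARIF upload) is being switched off, so the repository stops producing container-image vulnerability results with no trace of the decision beyond a block of commented-out YAML. Either delete the job and rely on history, or keep it and put one line above it such as `# Trivy image scan disabled: <reason>; re-enable when <condition>`. If the job is brought back, note that `uses: aquasecurity/trivy-action@master` follows a mutable branch; pinning it to a release tag or a full commit SHA keeps the scanner code that runs in CI from changing without a reviewed diff. The `jobs:` mapping and the CodeQL job shown as context begin above this hunk, so their triggers and permissions are not visible here.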