Skip to content

poc - demonstrate sarif report generation #4

poc - demonstrate sarif report generation

poc - demonstrate sarif report generation #4

Workflow file for this run

name: "CodeQL"
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
analyze:
name: Generate Sarif Report
runs-on: 'ubuntu-latest'
timeout-minutes: 360
permissions:
# required for all workflows
security-events: write
# required to fetch internal or private CodeQL packs
packages: read
# only required for workflows in private repositories
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: "Export SARIF file from code scanning alerts"
uses: "alcaeus/drivers-github-tools/code-scanning-export@export-code-scanning-report"
with:
ref: main
- name: 'asdf'
shell: bash
run: cat code-scanning-alerts.json