From 4e6a036f222d8cf9f4ea80053e120a7073ba8b05 Mon Sep 17 00:00:00 2001 From: Matt Andreko Date: Thu, 14 Aug 2025 09:30:12 -0400 Subject: [PATCH] Temporarily hold sarif uploads (#6166) --- .github/workflows/build.yml | 12 ++++++------ .github/workflows/scan.yml | 2 ++ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7c170f1188..54c31ee6ea 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -275,12 +275,12 @@ jobs: fail-build: false output-format: sarif - - name: Upload Grype results to GitHub - uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 - with: - sarif_file: ${{ steps.container-scan.outputs.sarif }} - sha: ${{ contains(github.event_name, 'pull_request') && github.event.pull_request.head.sha || github.sha }} - ref: ${{ contains(github.event_name, 'pull_request') && format('refs/pull/{0}/head', github.event.pull_request.number) || github.ref }} +# - name: Upload Grype results to GitHub +# uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 +# with: +# sarif_file: ${{ steps.container-scan.outputs.sarif }} +# sha: ${{ contains(github.event_name, 'pull_request') && github.event.pull_request.head.sha || github.sha }} +# ref: ${{ contains(github.event_name, 'pull_request') && format('refs/pull/{0}/head', github.event.pull_request.number) || github.ref }} - name: Log out from Azure uses: bitwarden/gh-actions/azure-logout@main diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index f1d9370c29..04629ec899 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -38,6 +38,8 @@ jobs: pull-requests: write security-events: write id-token: write + with: + upload-sarif: false quality: name: Sonar