fix: add o/p to show vuln

Signed-off-by: Ved Ratan <[email protected]>
nirmata · Aug 1, 2024 · aef407c · aef407c
1 parent c5e6d38
commit aef407c
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/.github/workflows/nightly-scan-test.yaml b/.github/workflows/nightly-scan-test.yaml
@@ -67,3 +67,24 @@ jobs:
           output: 'trivy-scan.json'
           exit-code: '1'
 
+      - name: Convert trivy json file to tabular form
+        uses: aquasecurity/[email protected]
+        if: always() && steps.trivy-scan.conclusion == 'failure'
+        with:
+          scan-type: convert
+          vuln-type: ""
+          image-ref: trivy-scan.json
+          format: table
+          output: trivy-scan.txt
+
+      - name: Cat trivy/grype scan file if status == failure
+        if: always() && (steps.trivy-scan.conclusion == 'failure' || steps.grype-scan.conclusion == 'failure')
+        shell: bash
+        run: |
+          echo "====trivy-scan-txt===="
+          [ -s "trivy-scan.txt" ] && cat trivy-scan.txt
+          echo "====trivy-scan-json===="
+          [ -s "trivy-scan-json" ] && cat trivy-scan-json
+          echo "====grype-scan===="
+          cat ${{ steps.grype-scan.outputs.sarif }}
+          exit 1