Open olivebay opened 7 months ago
Hello,
I'm looking for the same thing.
Try to get the result file to upload the results on SonarQube.
- task: trivy@1
continueOnError: false
displayName: Trivy scan on Docker image
inputs:
debug: true
docker: false
exitCode: 0
image: $(containerRegistry)/$(dockerImageName):${{ parameters.dockerImageTag }}
version: "v0.49.1"
On the logs:
##[debug]exec tool: /tmp/trivy
##[debug]arguments:
##[debug] --debug
##[debug] image
##[debug] --exit-code
##[debug] 0
##[debug] --format
##[debug] json
##[debug] --output
##[debug] /tmp/trivy-results-0.2733003447340172.json
at the end of the logs:
Publishing JSON results...
##[debug]Processed: ##vso[task.addattachment type=JSON_RESULT;name=trivy0.10503311637599544.json;]/tmp/trivy-results-0.2733003447340172.json
Done!
So, where is the /tmp/trivy-results-*.json file?
Already checked:
I think it's also linked to this issue: https://github.com/aquasecurity/trivy-azure-pipelines-task/issues/28
Same issue here, If I put them on the options:
it should overwrite the ones provided by default by the Plugin but instead I see them coming twice.
Hello,
Is there a way to get the /tmp/scan-results.json from the task? Or override the output path?