Closed Schwartz-Matthew-bah closed 1 month ago
Hello, thank you for raising this issue. We are investigating and will report back when we have additional information.
I understand your workflow is failing because it expects the CSV to be present, but it is not, resulting in exit code 1 and failing your workflow. I can reproduce this issue as well. We are presently working on a fix. In the mean time, you may consider commenting out the cat line that is breaking your workflow. I will report back when I have an ETA for the fix.
Thank you!
We have implemented a fix to resolve your issue. The fix is presently being tested to validate that the fix works as intended. If we are confident in the solution we may cut a new release as soon as next week, at which point, you can pull in the updates. Thank you for your continued patience and have a great weekend.
@Schwartz-Matthew-bah Our fix is now available for your use. Please update your workflows to point to this release: https://github.com/aws-actions/vulnerability-scan-github-action-for-amazon-inspector/releases/tag/v1
I'll also add that we are now tagging the latest release with v1
, meaning, you can automatically consume minor and hotfix releases if you choose (see issue #87 ).
Marking this issue as resolved. Please re-open the issue if there are subsequent problems.
Description
If the scanner finds no vulnerabilities the actions will fail because the results CSV file is not generated. The JSON and Markdown results are still generated so this is inconsistent behavior.
Expected Behavior
CSV file with column headers should be produced even if there are no findings.
Actual Behavior
CSV file generation is skipped. This causes the cat command to fail and therefore the action to fail.
https://github.com/aws-actions/vulnerability-scan-github-action-for-amazon-inspector/blob/51b74849864257707482446461b6636628da9754/entrypoint/entrypoint/orchestrator.py#L348
Steps to Reproduce
Use the example workflow file from the README and run the action on a repository with zero vulnerabilities.