Closed mrpbennett closed 6 months ago
Can you try this:
name: Kubescape scanning for misconfigurations
on: [push, pull_request]
jobs:
kubescape:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- uses: kubescape/github-action@main
continue-on-error: true
with:
format: sarif
frameworks: "allcontrols,workloadscan"
outputFile: results.sarif
- name: Upload Kubescape scan results to Github Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
I added frameworks: "allcontrols,workloadscan"
, let me know how it goes.
When using the GH Action it seems the
results.sarif
file isn't being created. When using this actionNote: I had to update
github/codeql-action/upload-sarif@v3
tov3
due to deprecation in 2024. I was able to successfully scan my repoMy current cluster is a simple HA K3s cluster
I asked ChatGPT on how to solve the issue, it suggested I used:
In my action, this did point out that the
results.sarif
was not being created.