kubescape / github-action

GitHub action to run Kubescape scans
Apache License 2.0

Path does not exist: results.sarif - When using the GH Action it seems the results.sarif file isn't being created #61

Closed mrpbennett closed 6 months ago

mrpbennett commented 6 months ago

When using the GH Action, it seems the results.sarif file isn't being created. When using this action:

name: Kubescape scanning for misconfigurations
on: [push, pull_request]
jobs:
  kubescape:
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@v3
      - uses: kubescape/github-action@main
        continue-on-error: true
        with:
          format: sarif
          outputFile: results.sarif
      - name: Upload Kubescape scan results to Github Code Scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

Note: I had to update github/codeql-action/upload-sarif@v3 to v3 due to deprecation in 2024. I was able to successfully scan my repo with:

kubescape scan https://github.com/mrpbennett/homelab.git

My current cluster is a simple HA K3s cluster

➜ kubescape scan https://github.com/mrpbennett/homelab.git
 ✅  Initialized scanner
 ✅  Loaded policies
 ✅  Loaded exceptions
 ✅  Loaded account configurations
 ℹ️   cloning. repository url: <repo>
 ✅  Done accessing local objects
Control: C-0260 100% |██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| (33/33, 162 it/s)
 ✅  Done scanning Repo
 ✅  Done aggregating results

Kubescape security posture overview for cluster: k3s-test

In this overview, Kubescape shows you a summary of your cluster security posture, including the number of users who can perform administrative actions. For each result greater than 0, you should evaluate its need, and then define an exception to allow it. This baseline can be used to detect drift in future.

Workload
┌─────────────────────┬───────────┬─────────────────────────────────────┐
│ Control name        │ Resources │ View details                        │
├─────────────────────┼───────────┼─────────────────────────────────────┤
│ Non-root containers │     3     │ $ kubescape scan control C-0013  -v │
└─────────────────────┴───────────┴─────────────────────────────────────┘

Network
┌────────────────────────┬───────────┬─────────────────────────────────────┐
│ Control name           │ Resources │ View details                        │
├────────────────────────┼───────────┼─────────────────────────────────────┤
│ Missing network policy │     3     │ $ kubescape scan control C-0260  -v │
└────────────────────────┴───────────┴─────────────────────────────────────┘

Highest-stake workloads
───────────────────────

High-stakes workloads are defined as those which Kubescape estimates would have the highest impact if they were to be exploited.

1. name: my-app-deployment, kind: Deployment
   $ kubescape scan workload Deployment/my-app-deployment --file-path=/boilerplates/kubernetes/deployment.yaml
2. name: my-cronjob, kind: CronJob
   $ kubescape scan workload CronJob/my-cronjob --file-path=/boilerplates/kubernetes/cronjob.yaml
3. namespace: default, name: homepage, kind: Deployment
   $ kubescape scan workload Deployment/homepage --namespace default --file-path=/kube-manifests-test/staging/homepage-dashboard/homepage.yml

I asked ChatGPT how to solve the issue, and it suggested I use:

      - name: List files in directory
        run: ls -l

In my action, this did point out that the results.sarif was not being created.
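The `ls -l` step only shows that the file is absent; it does not say why the later upload fails. The following is an added example, not code from this thread or from the kubescape/github-action project: a guard step that can be placed between the scan step and the upload step in the workflow above. It assumes only POSIX sh and grep on the runner, the `results.sarif` file name from the workflow, and the GitHub Actions `::error::` workflow command for annotating the log. It fails with a specific reason (missing, empty, or not a SARIF 2.1.0 document) instead of letting `github/codeql-action/upload-sarif` report "Path does not exist".

```shell
#!/usr/bin/env sh
# Added example (not from the kubescape/github-action project): verify the
# scanner's SARIF output before handing it to upload-sarif.
# Assumes POSIX sh and grep only; results.sarif is the name used in the workflow.

# check_sarif FILE
#   0 when FILE exists, is non-empty and looks like a SARIF 2.1.0 log
#     (has "version": "2.1.0" and a "runs" member);
#   1 when FILE is missing; 2 when it is empty; 3 when it is not recognisably SARIF.
check_sarif() {
    file="$1"
    if [ ! -f "$file" ]; then
        echo "::error::SARIF output missing: $file" >&2
        # With continue-on-error: true on the scan step, a scanner failure is
        # not visible as a failed step; point the reader at its log.
        echo "Hint: check the scanner step's log; continue-on-error hides its failure." >&2
        return 1
    fi
    if [ ! -s "$file" ]; then
        echo "::error::SARIF output is empty: $file" >&2
        return 2
    fi
    # Cheap structural check that needs no JSON parser on the runner.
    if ! grep -q '"version"[[:space:]]*:[[:space:]]*"2\.1\.0"' "$file" \
       || ! grep -q '"runs"[[:space:]]*:' "$file"; then
        echo "::error::$file exists but is not a SARIF 2.1.0 document" >&2
        return 3
    fi
    echo "SARIF output OK: $file ($(wc -c < "$file") bytes)"
    return 0
}

# Stand-alone demo on a constructed minimal SARIF document:
#   sh check_sarif.sh --demo
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
{"version": "2.1.0",
 "runs": [{"tool": {"driver": {"name": "constructed-example"}}, "results": []}]}
EOF
    check_sarif "$tmp"
    check_sarif /nonexistent/results.sarif || echo "guard returned $?"
    rm -f "$tmp"
fi
```

In the workflow this goes in as a `run:` step (for example `run: sh check_sarif.sh results.sarif` or the function body inlined) right after the `kubescape/github-action@main` step, so a missing file stops the job with a readable reason before the upload step runs.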

dwertent commented 6 months ago

Can you try this:

name: Kubescape scanning for misconfigurations
on: [push, pull_request]
jobs:
  kubescape:
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@v3
      - uses: kubescape/github-action@main
        continue-on-error: true
        with:
          format: sarif
          frameworks: "allcontrols,workloadscan"
          outputFile: results.sarif
      - name: Upload Kubescape scan results to Github Code Scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

I added frameworks: "allcontrols,workloadscan", let me know how it goes.