ipcrm
commented
1 year ago I don't believe that's correct because pipefail is set in the script (part of the change)
On Tue, Sep 26, 2023, 4:39 PM Esteban Esperanza @.***> wrote:
@.**** commented on this pull request.
In docker-entrypoint.sh https://github.com/lacework/lw-scanner-action/pull/60#discussion_r1337879303 :
Run scanner and store resulst as github job summary and no output to console
- /opt/lacework/lw-scanner image evaluate ${INPUT_IMAGE_NAME} ${INPUT_IMAGE_TAG} \
- --build-plan ${GITHUB_REPOSITORY} \
- --build-id ${GITHUB_RUN_ID} \
- --data-directory ${GITHUB_WORKSPACE} \
- --policy \
- --fail-on-violation-exit-code 1 ${SCANNER_PARAMETERS} 1> results.stdout
- export SCANNER_EXIT_CODE=$? echo "### Security Scan" >> $GITHUB_STEP_SUMMARY echo "
" >> $GITHUB_STEP_SUMMARY cat results.stdout >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY -fi-exit ${SCANNER_EXIT_CODE}
- exit ${SCANNER_EXIT_CODE} +else
Run scanner in default mode with output to console
- /opt/lacework/lw-scanner image evaluate ${INPUT_IMAGE_NAME} ${INPUT_IMAGE_TAG} \
- --build-plan ${GITHUB_REPOSITORY} \
- --build-id ${GITHUB_RUN_ID} \
- --data-directory ${GITHUB_WORKSPACE} \
- --policy \
- --fail-on-violation-exit-code 1 ${SCANNER_PARAMETERS}
This causes the exit code of tee to be captured, not the scanner itself.
— Reply to this email directly, view it on GitHub https://github.com/lacework/lw-scanner-action/pull/60#discussion_r1337879303, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACPA6AB6I2EFT3ZMWQDW4ZTX4NRTFANCNFSM6AAAAAA44MYAQI . You are receiving this because your review was requested.Message ID: @.***>
Summary
With the introduction of the ability to create job summaries unfortunately the default outputs where removed. This PR restores the default output if no job summary is created.
How did you test this change?
Automated testing