search

synopsys-sig / detect-action

Apache License 2.0
28 stars 31 forks source link

DETECT_RISK_REPORT_PDF: true does not create thre risk report in the ouput artifacts #32

Open padaszewski opened 2 years ago

padaszewski commented 2 years ago

Hi, I am trying to generate the risk report in the output artifacts. So far I've seen that DETECT_RISK_REPORT_PDF: true does nothing when scan-mode: RAPID. Therefore I switched to scan-mode: INTELLIGENT and I saw in the logs, that the risk report pdf was created, but is not attached to the output artifacts. Here is my configuration

      - name: Run Synopsys Detect
        uses: synopsys-sig/detect-action@v0.3.2
        env:
          NODE_TLS_REJECT_UNAUTHORIZED: 0
          DETECT_DETECTOR_SEARCH_DEPTH: 4
          DETECT_RISK_REPORT_PDF: true
#         DETECT_RISK_REPORT_PDF_PATH: /home/runner/work/_temp/blackduck/runs
#         DETECT_NOTICES_REPORT: true
          DETECT_DIAGNOSTIC: true #tested also EXTENDED
        with:
          scan-mode: INTELLIGENT
          github-token: ${{ secrets.GITHUB_TOKEN }}
          detect-version: 7.14.0
          blackduck-url: ${{ secrets.BLACKDUCK_URL }}
          blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }}

I would expect to find this here: image

But this is not the case. I've tried with different paths for the risk report, but without success. Could You provide me any hints on how I could achive my goal?

Greets

uluzox commented 1 year ago

Try adding an upload artifact step

- name: Archive Blackduck Scan Report
   if: ${{ always() }}
   uses: actions/upload-artifact@v2
   with:
     name: BlackDuck-Report
     path: '*RiskReport.pdf'