Update amazon-cloudwatch-observability-image-scan.yaml

aws-observability · Dec 3, 2024 · 2ebe3eb · 2ebe3eb
1 parent 60bd8d8
commit 2ebe3eb
Showing 1 changed file with 5 additions and 13 deletions.
diff --git a/.github/workflows/amazon-cloudwatch-observability-image-scan.yaml b/.github/workflows/amazon-cloudwatch-observability-image-scan.yaml
@@ -88,17 +88,9 @@ jobs:
           image: ${{ steps.registry.outputs.result }}/${{ steps.repository.outputs.result }}:${{ steps.tag.outputs.result }}
           severity_threshold: HIGH
           annotations: true
-      # from https://stackoverflow.com/questions/61919141/read-json-file-in-github-actions
-      - run: echo "SCAN_RESULT=$(jq -c . < ${{ steps.scan.outputs.json }})" >> $GITHUB_ENV
-        if: success() || failure()
-      - if: success() || failure()
-        run: |
-          echo '${{ env.SCAN_RESULT }}'
-      - name: Send a saved artifact to a Slack workflow
-        if: success() || failure()
-        uses: slackapi/[email protected]
+      -
+        name: Upload SARIF file
+        if: ${{ steps.scan.outputs.sarif != '' }}
+        uses: github/codeql-action/upload-sarif@v2
         with:
-          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
-          webhook-type: webhook-trigger
-          payload: |
-            results: '${{ env.SCAN_RESULT }}'
+          sarif_file: ${{ steps.scan.outputs.sarif }}