From 1c52ec555ba4becbd5c5b926cf82940579669f1f Mon Sep 17 00:00:00 2001
From: mjanez <96422458+mjanez@users.noreply.github.com>
Date: Mon, 9 Feb 2026 13:06:06 +0100
Subject: [PATCH 1/2] fix: workflow syntax

---
 .github/workflows/docker-publish.yml | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index ce4fda7..42c7547 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -132,16 +132,11 @@ jobs:
 with:
 image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
 format: 'sarif'
- output: 'trivy-results.sarif'
+ output: 'trivy-${{ matrix.service }}-results.sarif'

- - name: Upload Trivy results to GitHub Security
- uses: github/codeql-action/upload-sarif@v3
- with:
- sarif_file: 'trivy-results.sarif'
-
- comment-pr:
+ pr-comment:
 name: Comment on PR
- needs: build-and-push
+ needs: test
 if: github.event_name == 'pull_request'
 runs-on: ubuntu-latest
 permissions:
From 65e0a5a2c16d99f4b69541b213b3b2cb15046dc8 Mon Sep 17 00:00:00 2001
From: mjanez <96422458+mjanez@users.noreply.github.com>
Date: Mon, 9 Feb 2026 13:11:35 +0100
Subject: [PATCH 2/2] feat: update Trivy results output and upload to GitHub Security tab

---
 .github/workflows/docker-publish.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 42c7547..0428555 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -132,7 +132,12 @@ jobs:
 with:
 image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
 format: 'sarif'
- output: 'trivy-${{ matrix.service }}-results.sarif'
+ output: 'trivy-results.sarif'
+
+ - name: Upload Trivy results to GitHub Security tab
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: 'trivy-results.sarif'

 pr-comment:
 name: Comment on PR
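Review bot: In patch 1/2, `needs: test` removes the `pr-comment` job's dependency on `build-and-push`, so unless `test` itself waits for that job, the comment can be posted even when the image build or the Trivy scan failed or was skipped. No `test` job is visible in this hunk to confirm the new target exists. If the comment is meant to report on the built image or its scan, keep both dependencies: `needs: [test, build-and-push]`. Either way, a one-line comment above the job such as `# Runs after tests only; does not wait for the image build/scan` would record the intent. The job body continues past the end of the hunk (`permissions:` is cut off), so its granted scopes cannot be checked from here.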
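Review bot: In patch 2/2, the re-added upload step references `github/codeql-action/upload-sarif@v3` by a movable tag inside the publish workflow. Pinning it to a full commit SHA, `uses: github/codeql-action/upload-sarif@<full-commit-sha>  # v3`, keeps a retagged release from changing what runs with this job's token. The step also has no `if:` condition, so if the Trivy step is configured to fail on findings (not visible here), the SARIF file is skipped exactly when it has something to report; `if: always()` on the upload step covers that case. The job's `permissions:` block lies outside this hunk, so confirm it grants `security-events: write`, which the upload needs.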