Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add output-file option, default to random directory output in temp #346

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: add output-file option, default to random directory output in temp #346

wants to merge 2 commits into from

Conversation

kzantow
Copy link
Contributor

@kzantow kzantow commented Jul 25, 2024
edited
Loading

This PR makes a couple changes to the scan-action, one of which may be breaking for users:

  • modifies the grype invocation to output to a random file in $TEMP, instead of outputting directly in the workspace
  • adds an output-file parameter to allow users to specify an output file explicitly

Fixes #216
Fixes #238

@kzantow kzantow added the major Used by release-drafter to determine version label Jul 25, 2024
@kzantow kzantow requested a review from a team July 25, 2024 21:18
willmurphyscode
willmurphyscode reviewed Aug 5, 2024
View reviewed changes
dist/index.js Outdated
"output",
);
}
cmdArgs.push("--file", outputFile);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does this interact with output? I had the impression we were moving towards output and way from file.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We support --output <format> --file <output-file> in both Syft and Grype. This action doesn't allow multiple outputs, so it should work fine. I don't think there is a concrete plan to remove the --file option, since it's a part of Syft 1.0 already. If you feel strongly this should be using the --output flag, I can update it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I take this back, allowing for multiple outputs would be nice, so a user could get both a table printed to the logs and a SARIF report uploaded. I'll update this a bit.

@kzantow kzantow mentioned this pull request Sep 18, 2024
Open
@willmurphyscode
Copy link
Contributor

discussed with @kzantow offline - there are still a few things that might be changed before the merge relating to multiple outputs. I'm moving this back to "in progress" and will re-review later.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willmurphyscode willmurphyscode willmurphyscode approved these changes

Assignees

@kzantow kzantow

Labels
major Used by release-drafter to determine version
Projects
OSS
Status: In Progress
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unable to store output in "table" format Add output-file as an input param
2 participants
@kzantow @willmurphyscode