Skip to content

Commit

Permalink
fix(ci/cve-scanning): remove duplicates in reports
Browse files Browse the repository at this point in the history
  • Loading branch information
cwrau committed Dec 18, 2024
1 parent 9698390 commit fd9a919
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/scripts/generate-sarif-reports.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ function createSarifReports() {
yq -r '.[] | .image' |
parallel ${GITHUB_JOB+--bar} --retries 10 -P 0 -k generateSarifReport "$chart" "{}" "reports/$chartName-{#}.json"
# shellcheck disable=SC1009
cat "reports/$chartName-"*.json | jq -r -s '{"$schema": .[0]["$schema"], version: .[0].version, runs: [reduce map(.runs[])[] as $run (null; .+$run as $new | .tool.driver.rules |= (.+$run.tool.driver.rules|unique_by(.id)) | $new*. | .results += ($run.results | map(.locations |= (([.[] | select(.physicalLocation)][0].physicalLocation.artifactLocation) as $physicalLocation | .[] | select(.logicalLocations)[] | map({physicalLocation:{artifactLocation:{uri:"\(.fullyQualifiedName)/\($run.properties.imageName)/\($run.originalUriBaseIds[$physicalLocation.uriBaseId].uri)\($physicalLocation.uri)"}}})))) | del(.properties, .originalUriBaseIds))]}' >"reports/$chartName.json.sarif"
cat "reports/$chartName-"*.json | jq -r -s '. as $input | {"$schema": .[0]["$schema"], version: .[0].version, runs: [reduce map(.runs[])[] as $run (null; .+$run as $new | .tool.driver.rules |= (.+$run.tool.driver.rules|unique_by(.id)) | $new*. | del(.properties, .originalUriBaseIds, .results))]} | .runs[0].results = ($input | reduce map(.runs[])[] as $run ([]; . += ($run.results | map(.locations |= (([.[] | select(.physicalLocation)][0].physicalLocation.artifactLocation) as $physicalLocation | .[] | select(.logicalLocations)[] | map({physicalLocation:{artifactLocation:{uri:"\(.fullyQualifiedName)/\($run.properties.imageName)/\($run.originalUriBaseIds[$physicalLocation.uriBaseId].uri)\($physicalLocation.uri)"}}}))))))' >"reports/$chartName.json.sarif"
}

function generateSarifReport() {
Expand Down

0 comments on commit fd9a919

Please sign in to comment.