@@ -169,8 +169,19 @@ jobs:
169169 fi
170170continue-on-error : true
171171
172+ - name : Check if SARIF file exists
173+ if : always() && steps.changes.outputs.needs_scan == 'true'
174+ id : sarif-check
175+ run : |
176+ if [ -f "trivy-fs-${{ matrix.service }}.sarif" ]; then
177+ echo "sarif_exists=true" >> $GITHUB_OUTPUT
178+ else
179+ echo "sarif_exists=false" >> $GITHUB_OUTPUT
180+ echo "⚠️ SARIF file trivy-fs-${{ matrix.service }}.sarif not found"
181+ fi
182+
172183name : Upload filesystem scan results
173- if : always() && steps.changes.outputs.needs_scan == 'true' && hashFiles('trivy-fs-${{ matrix.service }}.sarif') != ' '
184+ if : always() && steps.changes.outputs.needs_scan == 'true' && steps.sarif-check.outputs.sarif_exists == 'true '
174185 uses : github/codeql-action/upload-sarif@v3
175186 with :
176187 sarif_file : ' trivy-fs-${{ matrix.service }}.sarif'
@@ -367,8 +378,19 @@ jobs:
367378 echo "📄 Detailed SARIF report saved as trivy-container-${{ matrix.service }}.sarif"
368379continue-on-error : true
369380
381+ - name : Check if container SARIF file exists
382+ if : always() && steps.changes.outputs.needs_build == 'true'
383+ id : container-sarif-check
384+ run : |
385+ if [ -f "trivy-container-${{ matrix.service }}.sarif" ]; then
386+ echo "sarif_exists=true" >> $GITHUB_OUTPUT
387+ else
388+ echo "sarif_exists=false" >> $GITHUB_OUTPUT
389+ echo "⚠️ Container SARIF file trivy-container-${{ matrix.service }}.sarif not found"
390+ fi
391+
370392name : Upload container scan results
371- if : always() && steps.changes.outputs.needs_build == 'true' && hashFiles('trivy- container-${{ matrix.service }}.sarif') != ' '
393+ if : always() && steps.changes.outputs.needs_build == 'true' && steps. container-sarif-check.outputs.sarif_exists == 'true '
372394 uses : github/codeql-action/upload-sarif@v3
373395 with :
374396 sarif_file : ' trivy-container-${{ matrix.service }}.sarif'
0 commit comments