[chore][vuln-scan] Workaround anchore-scan not showing vulnerabilities (#6054)

pjanotti · web-flow · commit 352b4a670216 · 2025-03-31T08:24:39.000-07:00
diff --git a/.github/workflows/vuln-scans.yml b/.github/workflows/vuln-scans.yml
@@ -151,12 +151,18 @@ jobs:
           path: ./dist
       - run: docker load -i ./dist/image.tar
       - uses: anchore/scan-action@v6
+        id: anchore-scan
         with:
           severity-cutoff: "high"
           only-fixed: true
           add-cpes-if-none: true
-          output-format: "table"
+          output-format: sarif
           image: "otelcol${{ matrix.FIPS == true && '-fips' || '' }}:latest"
+      - name: Upload result to GitHub Code Scanning
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: ${{ steps.anchore-scan.outputs.sarif }}
 
   anchore-win-image-scan:
     runs-on: ${{ matrix.OS }}
