Merge pull request #84 from crazy-max/scout-result

crazy-max · web-flow · commit fdbbd009615f · 2026-03-26T12:17:18.000+01:00
docker-scout: only write result files for file-based formats
diff --git a/.github/actions/docker-scout/action.yml b/.github/actions/docker-scout/action.yml
@@ -17,7 +17,7 @@ inputs:
 
 outputs:
   result-file:
-    description: 'File output result'
+    description: 'Path to result file (only if format is not packages)'
     value: ${{ steps.run.outputs.result-file }}
 
 runs:
@@ -82,6 +82,10 @@ runs:
 
           // TODO: cache binary
 
-          const resultPath = path.join(fs.mkdtempSync(path.join(os.tmpdir(), 'docker-scout-action-')), 'result.txt');
-          core.setOutput('result-file', resultPath);
-          await exec.exec('docker', ['scout', 'cves', inpImage, '--format', inpFormat, `--output`, resultPath]);
+          const resultFile = path.join(fs.mkdtempSync(path.join(process.env.RUNNER_TEMP || os.tmpdir(), 'docker-scout-')), 'result.txt');
+          const args = ['scout', 'cves', inpImage, '--format', inpFormat];
+          if (inpFormat !== 'packages') {
+            args.push('--output', resultFile);
+            core.setOutput('result-file', resultFile);
+          }
+          await exec.exec('docker', args);
diff --git a/.github/workflows/.test.yml b/.github/workflows/.test.yml
@@ -233,6 +233,8 @@ jobs:
         format:
           - packages
           - sarif
+          - sbom
+          - spdx
     steps:
       -
         name: Checkout
@@ -251,7 +253,8 @@ jobs:
           image: registry://moby/buildkit:master
           format: ${{ matrix.format }}
       -
-        name: Print result
+        name: Check result file
+        if: ${{ matrix.format != 'packages' }}
         run: |
           set -x
           cat ${{ steps.scout.outputs.result-file }}
diff --git a/README.md b/README.md
@@ -110,7 +110,7 @@ jobs:
           image: alpine:latest
       -
         name: Upload SARIF report
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ${{ steps.scout.outputs.result-file }}
 ```
@@ -137,7 +137,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       -
         name: Test
         run: |
@@ -209,7 +209,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           ref: ${{ matrix.commit }}
 ```
@@ -271,7 +271,7 @@ jobs:
     steps:
       -
         name: Download
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v8
         with:
           name: buildx-releases-json
           path: .
