Run snyk container scan to produce sarif output

cyber-dojo · Feb 28, 2024 · 2b2eb43 · 2b2eb43
1 parent 262fc48
commit 2b2eb43
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/sh/kosli.sh b/sh/kosli.sh
@@ -95,8 +95,9 @@ on_ci_kosli_attest_snyk_scan_evidence()
     set +e
     snyk container test "$(artifact_name)" \
       --file="$(repo_root)/Dockerfile" \
-      --json-file-output="$(repo_root)/snyk.json" \
       --policy-path="$(repo_root)/.snyk" \
+      --sarif \
+      --sarif-file-output=snyk.json \
       --severity-threshold=medium
     set -e