diff --git a/.github/workflows/checkton-self.yaml b/.github/workflows/checkton-self.yaml index 9b7a51e..7eacb33 100644 --- a/.github/workflows/checkton-self.yaml +++ b/.github/workflows/checkton-self.yaml @@ -28,6 +28,31 @@ jobs: differential: false fail-on-findings: false + - name: Inject rules into the SARIF file + run: | + jq < .checkton.sarif '.runs[].tool.driver.rules = [ + { + "id": "SHELLCHECK_WARNING: warning[SC2053]", + "properties": { + "tags": [ + "ShellCheck" + ] + }, + "name": "SC2053", + "shortDescription": { + "text": "SC2053" + }, + "help": { + "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2053", + "markdown": "Defect reference: [SC2053](https://github.com/koalaman/shellcheck/wiki/SC2053)" + }, + "fullDescription": { + "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2053" + } + } + ]' > .checkton.sarif.2 + mv .checkton.sarif.2 .checkton.sarif + - name: Upload SARIF file uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3 with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d007147..7dde7cb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: image_without_digest=${image%@*} version=${image_without_digest##*:} - if [[ "$tag" != "$version" ]]; then + if [[ $tag != "$version" ]]; then echo "Tag does not match action.yaml image version: $tag X $image" >&2 exit 1 fi