From d042260a2aab51862aabab106d564cc12c40d547 Mon Sep 17 00:00:00 2001
From: AydarN <9845662+AydarN@users.noreply.github.com>
Date: Fri, 5 Jul 2024 12:54:14 +0300
Subject: [PATCH] change-to-sarif-report
---
 .github/workflows/maven-service-build.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/maven-service-build.yml b/.github/workflows/maven-service-build.yml
index 10e5a36..547f181 100644
--- a/.github/workflows/maven-service-build.yml
+++ b/.github/workflows/maven-service-build.yml
@@ -68,4 +68,9 @@ jobs:
 with:
 name: bom.json
 - name: Run Trivy with SBOM
- run: trivy sbom --exit-code 1 --severity CRITICAL,HIGH ./bom.json
+ run: trivy sbom --severity CRITICAL,HIGH --format sarif -o trivy-report.sarif ./bom.json
+
+ - name: Upload SARIF report
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: trivy-report.sarif
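Review bot: The new `run:` line in the "Run Trivy with SBOM" step drops `--exit-code 1`, so CRITICAL and HIGH findings no longer fail the build and the scan becomes report-only. If the gate is still wanted, keep the flag alongside the SARIF output, `run: trivy sbom --exit-code 1 --severity CRITICAL,HIGH --format sarif -o trivy-report.sarif ./bom.json`, and add `if: always()` to the "Upload SARIF report" step so the report is still uploaded when the scan step fails. The upload step also references the mutable tag `@v2`; pinning to a full commit SHA (`github/codeql-action/upload-sarif@<full-commit-sha>`) avoids silently picking up a changed action, and the v2 line of this action has since been deprecated. The job's `permissions:` block is outside this hunk, so it is worth confirming that it grants `security-events: write`, which the SARIF upload needs.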