Hi @illrill! Did you scan the Terraform or the ARM template?
Track #8984
Description
AVD-AZU-0010 does not populate artifact location properly in the SARIF file, which causes
github/codeql-action/upload-sarif@v3 to fail. Same situation as in #7905
Desired Behavior
Populate artifact location in the SARIF properly
Actual Behavior
```json
{
  "version": "2.1.0",
  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json",
  "runs": [
    **TRIMMED FOR BREVITY**
      "results": [
        {
          "ruleId": "AVD-AZU-0010",
          "ruleIndex": 0,
          "level": "error",
          "message": {
            "text": "Artifact: \nType: azure-arm\nVulnerability AVD-AZU-0010\nSeverity: HIGH\nMessage: Network rules do not allow bypass for Microsoft Services.\nLink: [AVD-AZU-0010](https://avd.aquasec.com/misconfig/avd-azu-0010)"
          },
          "locations": [
            {
              "physicalLocation": {
                "artifactLocation": {
                  "uri": "",
                  "uriBaseId": "ROOTPATH"
                },
                "region": {
                  "startLine": 1,
                  "startColumn": 1,
                  "endLine": 1,
                  "endColumn": 1
                }
              },
              "message": {
                "text": ""
              }
            }
          ]
        }
      ],
      "columnKind": "utf16CodeUnits",
      "originalUriBaseIds": {
        "ROOTPATH": {
          "uri": "***REDACTED***"
        }
      }
    }
  ]
}
```
Reproduction Steps
Target
Filesystem
Scanner
Misconfiguration
Output Format
SARIF
Mode
Standalone
Debug Output
Operating System
Ubuntu 20
Version
Checklist
trivy clean --all
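A pre-upload check for the failure described in the issue above, as an added example that is not part of the original post or of Trivy's code: it lists SARIF results whose `artifactLocation` carries no usable `uri` (or artifact `index`), so a CI job can stop before the upload step. The function name, the script name `check_sarif.py`, and the sample data (including the second result, `EXAMPLE-RULE` and `main.tf`) are assumptions constructed for illustration.

```python
import json
import sys

# Constructed sample modelled on the trimmed report above; the second result
# and its path "main.tf" are invented for contrast.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "results": [
            {"ruleId": "AVD-AZU-0010", "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": "", "uriBaseId": "ROOTPATH"},
                "region": {"startLine": 1, "endLine": 1}}}]},
            {"ruleId": "EXAMPLE-RULE", "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": "main.tf", "uriBaseId": "ROOTPATH"},
                "region": {"startLine": 3, "endLine": 9}}}]},
        ],
    }],
}


def find_empty_artifact_locations(sarif):
    """Return (run, result, location, ruleId) for each location whose
    artifactLocation has neither a non-blank uri nor a valid artifact index."""
    findings = []
    for run_i, run in enumerate(sarif.get("runs") or []):
        for res_i, result in enumerate(run.get("results") or []):
            for loc_i, loc in enumerate(result.get("locations") or []):
                art = (loc.get("physicalLocation") or {}).get("artifactLocation") or {}
                uri, index = art.get("uri"), art.get("index")
                has_uri = isinstance(uri, str) and uri.strip() != ""
                # SARIF also lets a location point into run.artifacts by index.
                has_index = (isinstance(index, int)
                             and not isinstance(index, bool) and index >= 0)
                if not (has_uri or has_index):
                    findings.append(
                        (run_i, res_i, loc_i, result.get("ruleId", "<no ruleId>")))
    return findings


if __name__ == "__main__":
    # Usage: python check_sarif.py report.sarif  (no argument: use the sample)
    doc = SAMPLE_SARIF
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            doc = json.load(fh)
    bad = find_empty_artifact_locations(doc)
    for run_i, res_i, loc_i, rule in bad:
        print(f"runs[{run_i}].results[{res_i}].locations[{loc_i}] ({rule}): empty artifactLocation")
    sys.exit(1 if bad else 0)
```

Run as a step between the scan and the upload, the non-zero exit status names the offending rule and result index instead of leaving the failure to surface inside the upload action.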