Update openapi-static-scan.yml

Signed-off-by: Christopher Atkins <christopher316@gmail.com>
trolie · Dec 18, 2023 · 7c8902f · 7c8902f
1 parent cdd3b5b
commit 7c8902f
Showing 1 changed file with 4 additions and 6 deletions.
diff --git a/.github/workflows/openapi-static-scan.yml b/.github/workflows/openapi-static-scan.yml
@@ -8,21 +8,19 @@ on:
 jobs:
   run_42c_audit:
     permissions:
-      contents: read # for actions/checkout to fetch code
-      security-events: write # for results upload to Github Code Scanning
+      contents: read
+      security-events: write
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
         uses: actions/checkout@v4
       - name: Audit API definition for security issues
         uses: 42Crunch/api-security-audit-action-freemium@v1
         with:
-          # Upload results to Github Code Scanning
-          upload-to-code-scanning: false
+          upload-to-code-scanning: true
           log-level: debug
-          # sarif-report: 42Crunch_AuditReport_${{ github.run_id }}.SARIF
+          sarif-report: 42Crunch_AuditReport_${{ github.run_id }}.SARIF
       - name: save-audit-report
-        if: ${{ ! always() }}
         uses: actions/upload-artifact@v4
         with:
           name: 42Crunch_AuditReport_${{ github.run_id }}