actually commit the thing

HHS · Nov 26, 2024 · 5cd7b4f · 5cd7b4f
1 parent 284a289
commit 5cd7b4f
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/.github/workflows/vulnerability-scans.yml b/.github/workflows/vulnerability-scans.yml
@@ -191,24 +191,25 @@ jobs:
           docker load < /tmp/docker-image.tar
 
       - name: Run Anchore vulnerability scan
+        if: always() # Runs even if there is a failure
         uses: anchore/scan-action@v4
+        id: anchore-scan-json
         with:
           image: ${{ needs.build-and-cache.outputs.image }}
-          output-format: table
+          output-format: json
           fail-build: true
           severity-cutoff: medium
 
       - name: Run Anchore vulnerability scan
         if: always() # Runs even if there is a failure
         uses: anchore/scan-action@v4
-        id: anchore-scan-json
         with:
           image: ${{ needs.build-and-cache.outputs.image }}
-          output-format: json
+          output-format: table
           fail-build: true
           severity-cutoff: medium
 
-      - name: Save output to workflow summary
+      - name: Print output to workflow summary
         if: always() # Runs even if there is a failure
         run: |
           jq '.matches | map(.artifact | { name, version, location: .locations[0].path })' ${{ steps.anchore-scan-json.outputs.json }}