Attempt to fix CI

anhthii · anhthii · commit c88f2bf5165b · 2025-08-12T11:14:48.000+07:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -100,11 +100,11 @@ jobs:
           echo "Files in current directory:"
           ls -la
           govulncheck -format=sarif ./... > govulncheck-results.sarif
-          
+
           govulncheck -json ./... > vuln.json
           count=$(jq '[.[] | select(.finding != null and .finding.trace != null)] | length' vuln.json || echo 0)
           echo "Found $count vulnerabilities"
-          
+
           if [ "$count" -gt 0 ]; then
             echo "⚠️ Vulnerabilities found by govulncheck (see Security tab for details)"
           else
@@ -259,17 +259,18 @@ jobs:
         run: |
           curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
 
-      - name: Scan SBOM with Grype
+      # Keep SBOM generation & artifact upload as-is (no SARIF upload from SBOM)
+      - name: Grype SARIF (directory scan)
         run: |
-          grype sbom.spdx.json -o sarif --file grype-results.sarif
+          grype dir:. -o sarif --file grype-results.sarif
         continue-on-error: true
 
       - name: Upload Grype results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
         if: always()
         with:
           sarif_file: grype-results.sarif
-          category: grype
+          category: grype-dir
 
       - name: Display SBOM summary
         run: |
