Skip to content

fix: support 2.3.0 multi-arch image scan results#77

Merged
carlosmmatos merged 4 commits intomainfrom
fix--2.3.0
Apr 14, 2026
Merged

fix: support 2.3.0 multi-arch image scan results#77
carlosmmatos merged 4 commits intomainfrom
fix--2.3.0

Conversation

@ryanjpayne
Copy link
Copy Markdown
Contributor

@ryanjpayne ryanjpayne commented Apr 6, 2026

FCS CLI 2.3.x Multi-Architecture Support

Changes

  • Auto-discover output files: Parse FCS CLI output for "Results saved to file:" messages instead of guessing file patterns
  • Multi-arch support: Automatically handle multiple report files from multi-arch image scans
  • SARIF conversion: Convert all architecture variants to SARIF when requested
  • Fix output_path default: Remove "./" default that broke image scans; allow CLI defaults when omitted

Technical Details

  • Modified execute_fcs_cli() to capture CLI output using tee while preserving exit codes
  • Rewrote convert_json_to_sarif() to parse CLI output instead of using file pattern matching
  • Updated action.yml to remove problematic default and improve description
  • Added comprehensive documentation for FCS CLI 2.3.x multi-arch scanning

@carlosmmatos
Copy link
Copy Markdown
Contributor

carlosmmatos commented Apr 6, 2026

Pulled out the fallback path in convert_json_to_sarif. It only checked -d (directory), so file-based output_path values — which is the common image scan case — were silently skipped. The stdout-parsing path handles discovery fine on its own, so this was just dead weight.

Now it logs a warning if the CLI output file is missing. Also removed Tests 16-18 and the test_sarif_discovery_fallback helper since they tested the removed code. The 4 primary path tests still pass.

carlosmmatos
carlosmmatos approved these changes Apr 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@carlosmmatos carlosmmatos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Waiting for GA then we can merge

ryanjpayne and others added 4 commits April 14, 2026 20:11
@ryanjpayne @carlosmmatos
fix: support 2.3.0 multi-arch image scan results
3f04a45
@carlosmmatos
fix: remove broken SARIF discovery fallback from convert_json_to_sarif
17bf288 
The fallback path only checked -d (directory), silently failing for
file-based output_path values which is the common image scan case.
Since the primary stdout-parsing path handles discovery reliably,
replace the fallback with a simple warning log.
@carlosmmatos
docs: add release-please markers to 2.3.x code blocks and correct pla…
b5e9bd0 
…tform default
@carlosmmatos
docs: document platform comma-separated list support for FCS CLI >= 2…
5b10aad 
….3.0
@carlosmmatos carlosmmatos marked this pull request as ready for review April 14, 2026 20:11
@carlosmmatos carlosmmatos merged commit c891641 into main Apr 14, 2026
3 checks passed
@carlosmmatos carlosmmatos deleted the fix--2.3.0 branch April 14, 2026 20:13
@github-actions github-actions bot mentioned this pull request Apr 14, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@carlosmmatos carlosmmatos carlosmmatos approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ryanjpayne @carlosmmatos