From 10f76bd991206f0b6935bc8d90fad8bdb3171d5b Mon Sep 17 00:00:00 2001
From: Dennis Konkol
Date: Fri, 5 Sep 2025 23:36:12 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20Fix=20Code=20Scanning=20Upload?= =?UTF-8?q?Error?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
✅ Replaced Code Scanning Upload:
- Removed github/codeql-action/upload-sarif (requires Code Scanning)
- Added actions/upload-artifact for Trivy results
- SARIF report saved as artifact (30 days retention)
- No more 'Code scanning not enabled' errors
🎯 Benefits:
- Trivy results still available as downloadable artifact
- No dependency on GitHub Advanced Security
- Clean CI/CD pipeline without errors
- Security reports accessible via Actions tab
---
 .github/workflows/ci-cd.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index b4b61bf..56a0d95 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -71,11 +71,13 @@ jobs:
 skip-version-check: true
 scanners: 'vuln,secret,config'
- - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v3
+ - name: Upload Trivy scan results as artifact
+ uses: actions/upload-artifact@v4
 if: always()
 with:
- sarif_file: 'trivy-results.sarif'
+ name: trivy-security-report
+ path: trivy-results.sarif
+ retention-days: 30
 # Build and push Docker image
 build:
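Review bot: The SARIF uploaded by the new `actions/upload-artifact@v4` step can carry secret-scanner findings with file and line (the scan runs with `scanners: 'vuln,secret,config'`), and a run artifact is downloadable by anyone with read access to the repository, a wider audience than code scanning alerts; confirm that is acceptable for this repo, whose visibility is not shown here. With `if: always()` and the action's default `if-no-files-found: warn`, a Trivy step that fails before writing `trivy-results.sarif` still yields a passing upload with no report, so add `if-no-files-found: error` under `with:`. Whether findings fail the job depends on the Trivy step's `exit-code` and `severity` inputs, which start above this hunk; if they are unset, the scan is now advisory only and the 30-day artifact is the sole record. Pinning the action to a full commit SHA (`actions/upload-artifact@<commit-sha> # v4`) would also be worth doing for a step that handles security output.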