Upload SARIF File on GitHub

You can upload the scan results to GitHub in SARIF format with the following workflow (the Qualys scan step writes `response.sarif`, which the `upload-sarif` action then publishes to code scanning):

```yaml
name: Qualys IAC Scan

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  schedule:
    - cron: '*/5 * * * *'

jobs:
  Qualys_iac_scan:
    runs-on: ubuntu-latest
    name: Qualys IaC Scan
    steps:
      - name: Checkout
        uses: actions/checkout@v5
        with:
          fetch-depth: 0

      - name: Qualys IAC scan action step
        uses: Qualys/github_action_qiac@main
        id: qiac
        env:
          URL: ${{ secrets.URL }}
          UNAME: ${{ secrets.USERNAME }}
          PASS: ${{ secrets.PASSWORD }}
        with:
          # Optional: restrict the scan to one directory of the checkout.
          directory: 'path of directory to scan (optional)'

      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v3
        # Upload even if the scan step fails, so findings are still recorded.
        if: always()
        with:
          sarif_file: response.sarif
```

Sample Workflow for OIDC Authentication Type

```yaml
name: Qualys IAC Scan
on:
  push:
    branches:
      - main
jobs:
  Qualys_iac_scan:
    runs-on: ubuntu-latest
    name: Qualys IaC Scan
    steps:
      - name: Checkout
        uses: actions/checkout@v5
        with:
          fetch-depth: 0

      - name: Qualys IAC scan action step
        uses: Qualys/github_action_qiac@main
        id: qiac
        env:
          URL: ${{ secrets.URL }}
          AUTHTYPE: OIDC
          CLIENTID: ${{ secrets.CLIENTID }}
          CLIENTSECRET: ${{ secrets.CLIENTSECRET }}
        # The optional 'directory' input and the 'Upload SARIF file' step
        # are the same as in the username/password workflow above.
```

The results are displayed in the Security tab > Code scanning alerts.
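Because the upload step runs with `if: always()`, the SARIF file is published even when the scan reports findings; whether the job itself fails is a separate decision. The script below is an added example, not part of the Qualys action or its documentation: it parses the SARIF 2.1.0 layout that `upload-sarif` expects, counts findings per level and per rule, and returns a non-zero exit code when any result is at level `error`, so it can run as an extra step between the scan and the upload. The embedded sample document and its rule ids are constructed for illustration, not real scan output.

```python
# Added example, not part of the Qualys action: summarise a SARIF 2.1.0
# file (the layout upload-sarif expects) before it is uploaded, so the
# workflow can fail the job when the scan reports 'error' level findings.
import json
import sys
from collections import Counter

# Constructed sample in SARIF 2.1.0 shape; real output comes from the
# Qualys IaC scan step as response.sarif. Rule ids are placeholders.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "ExampleIaCScanner"}},
        "results": [
            {"ruleId": "EXAMPLE-001", "level": "error",
             "message": {"text": "S3 bucket allows public read"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "terraform/s3.tf"}}}]},
            {"ruleId": "EXAMPLE-002", "level": "warning",
             "message": {"text": "Security group open to 0.0.0.0/0"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "terraform/sg.tf"}}}]},
            {"ruleId": "EXAMPLE-001", "level": "error",
             "message": {"text": "S3 bucket allows public read"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "terraform/logs.tf"}}}]},
        ],
    }],
}

def summarize(sarif):
    """Count results per SARIF level and per ruleId across all runs."""
    by_level, by_rule = Counter(), Counter()
    for run in sarif.get("runs", []):
        for result in run.get("results", []):
            # The SARIF spec treats a missing "level" as "warning".
            by_level[result.get("level", "warning")] += 1
            by_rule[result.get("ruleId", "<no-rule>")] += 1
    return {"levels": dict(by_level), "rules": dict(by_rule)}

def should_fail(sarif):
    """Gate the job: True when any result is reported at level 'error'."""
    return summarize(sarif)["levels"].get("error", 0) > 0

if __name__ == "__main__":
    # Usage: python sarif_gate.py response.sarif (defaults to the sample).
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_SARIF
    print(json.dumps(summarize(doc), indent=2))
    sys.exit(1 if should_fail(doc) else 0)
```

Run it as a step after the scan with `python sarif_gate.py response.sarif`; keep it after the scan step but before (or independent of) the `if: always()` upload so the findings still reach code scanning when the gate fails.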


Next Step

View Scan Output