Generate SARIF report for Python libs (#16)

Author: blink1073

python/publish/action.yml

@@ -42,6 +42,11 @@ runs:
  release_version: ${{ inputs.version }}
  filenames: dist/*
  token: ${{ inputs.token }}
+ - name: Generate Sarif Report
+ uses: mongodb-labs/drivers-github-tools/code-scanning-export@v2
+ with:
+ output-file: sarif-report.json
+ ref: ${{ inputs.version }}
  - name: Run publish script
  shell: bash
  run: ${{github.action_path}}/publish.sh

python/publish/publish.sh

@@ -2,6 +2,8 @@
 
 set -eux
 
+mv sarif-report.json $S3_ASSETS
+
 if [ "$DRY_RUN" == "false" ]; then
  echo "Uploading Release Reports"
  TARGET=s3://${AWS_BUCKET}/${PRODUCT_NAME}/${VERSION}