From 8fd205f1d7f50c6d8f1956818a0710d986ce0bba Mon Sep 17 00:00:00 2001 From: Yen Chuang <5915590+antigenius0910@users.noreply.github.com> Date: Sat, 17 Feb 2024 13:24:21 -0600 Subject: [PATCH 1/2] fix_tfvar_with_sarif_bug --- entrypoint.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 38832fe..73d6fb4 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,5 +1,6 @@ #!/bin/bash set -e + while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:x:z:" o; do case "${o}" in a) @@ -137,6 +138,7 @@ if [ $skipDirs ];then fi if [ $tfVars ] && [ "$scanType" == "config" ];then ARGS="$ARGS --tf-vars $tfVars" + SARIF_ARGS="$SARIF_ARGS --tf-vars $tfVars" fi if [ $trivyIgnores ];then @@ -186,7 +188,7 @@ if [ "${format}" == "sarif" ] && [ "${limitSeveritiesForSARIF}" != "true" ]; the # regardless of severity level specified in this report. # This is a feature, not a bug :) echo "Building SARIF report with options: ${SARIF_ARGS}" "${artifactRef}" - trivy --quiet ${scanType} --format sarif --output ${output} $SARIF_ARGS ${artifactRef} + trivy ${scanType} --format sarif --output ${output} $SARIF_ARGS ${artifactRef} elif [ $trivyConfig ]; then echo "Running Trivy with trivy.yaml config from: " $trivyConfig trivy --config $trivyConfig ${scanType} ${artifactRef} From 4dc05f2a7b2cc08a05be249f702eb320d1e9ff2d Mon Sep 17 00:00:00 2001 From: Yen Chuang <5915590+antigenius0910@users.noreply.github.com> Date: Sat, 17 Feb 2024 13:54:02 -0600 Subject: [PATCH 2/2] add more description so we don't confuse user --- entrypoint.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/entrypoint.sh b/entrypoint.sh index 73d6fb4..be90a08 100755 --- a/entrypoint.sh +++ b/entrypoint.sh 
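Review bot: The added `SARIF_ARGS="$SARIF_ARGS --tf-vars $tfVars"` in the second hunk puts the tf-vars path into a flat string that is later expanded unquoted (`$SARIF_ARGS` on the `trivy ${scanType} --format sarif ...` line of the third hunk, next to the equally unquoted `${output}` and `${artifactRef}`). A value with spaces or glob characters is therefore split into several trivy arguments instead of staying one path. If `tfVars` is filled from a workflow input, which this hunk does not show, a crafted value could add options to the scan; the unquoted `[ $tfVars ]` test splits the same way. Bash arrays would keep each value as one word, e.g. `SARIF_ARGS+=(--tf-vars "$tfVars")` with `"${SARIF_ARGS[@]}"` at the call site, but that requires converting the existing `ARGS`/`SARIF_ARGS` strings, which are built outside this hunk.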
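Review bot: Dropping `--quiet` from the SARIF invocation in the third hunk is not covered by the commit subject, and nothing next to the line records why this call should now print trivy's log output. If the change is intentional, a comment above the `trivy ${scanType} --format sarif ...` line such as `# no --quiet here: keep trivy's log output visible for the SARIF run` would stop it being reverted as an oversight. Whether the other trivy calls in the script still pass `--quiet` cannot be seen from this hunk, and the enclosing `if` begins above it.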
@@ -188,6 +188,7 @@ if [ "${format}" == "sarif" ] && [ "${limitSeveritiesForSARIF}" != "true" ]; the
 # regardless of severity level specified in this report.
 # This is a feature, not a bug :)
 echo "Building SARIF report with options: ${SARIF_ARGS}" "${artifactRef}"
+ echo "Ignore all severity level being defined since limit-severities-for-sarif: false"
 trivy ${scanType} --format sarif --output ${output} $SARIF_ARGS ${artifactRef}
 elif [ $trivyConfig ]; then
 echo "Running Trivy with trivy.yaml config from: " $trivyConfig
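Review bot: The added message states `limit-severities-for-sarif: false`, but the branch it sits in runs whenever the value is anything other than `"true"` (the `!= "true"` test shown in the hunk header), so an unset or misspelled input prints a setting the user never chose. The purpose is to tell users that their severity filter is not applied to the SARIF report, so the wording should follow the real condition, e.g. `echo "limit-severities-for-sarif is not 'true': the SARIF report includes all severities and ignores the configured severity filter"`. The enclosing `if` starts above this hunk, so only the truncated header line shows the condition.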