From c43add9761f5d59dafe2342506ebcc60a080f3a3 Mon Sep 17 00:00:00 2001
From: JonJagger <jon@kosli.com>
Date: Tue, 17 Dec 2024 11:54:36 +0000
Subject: [PATCH] Add --attachment flag to kosli-attest-snyk calls in Workflow

---
 .github/workflows/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 3b798575..45f8ea69 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -152,6 +152,7 @@ jobs:
         if: ${{ github.ref == 'refs/heads/main' && (success() || failure()) }}
         run:
           kosli attest snyk
+            --attachments=.snyk
             --name=runner.snyk-code-scan 
             --scan-results="${SARIF_FILENAME}"
 
@@ -377,6 +378,7 @@ jobs:
           KOSLI_FINGERPRINT: ${{ needs.build-image.outputs.artifact_digest }}
         run:
           kosli attest snyk 
+            --attachments=.snyk          
             --name=runner.snyk-container-scan 
             --scan-results="${SARIF_FILENAME}"