chore: rename results file

marcusburghardt · marcusburghardt · commit 04752be058f7 · 2025-12-09T09:19:11.000+01:00
Avoid spaces and use information easier to track.

Signed-off-by: Marcus Burghardt &lt;maburgha@redhat.com&gt;
diff --git a/.github/workflows/reusable_scheduled.yml b/.github/workflows/reusable_scheduled.yml
@@ -33,7 +33,7 @@ jobs:
       scan-args: "${{ inputs.scan-args }}"
       fail-on-vuln: true
       upload-sarif: true
-      results-file-name: osv-scanner-scheduled-results-${{ github.workflow }}-${{ github.job }}.sarif
+      results-file-name: osv-scanner-scheduled-results-${{ github.workflow_sha }}-${{ github.run_number }}.sarif
 
   call_reusable_security:
     name: OpenSSF Scorecards
diff --git a/.github/workflows/reusable_security.yml b/.github/workflows/reusable_security.yml
@@ -33,18 +33,18 @@ jobs:
       - name: "Run analysis"
         uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
         with:
-          results_file: scorecard-results-${{ github.workflow }}-${{ github.job }}.sarif
+          results_file: scorecard-results-${{ github.workflow_sha }}-${{ github.run_number }}.sarif
           results_format: sarif
           publish_results: true
 
       - name: "Upload artifact"
         uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: Scorecard SARIF file
-          path: scorecard-results-${{ github.workflow }}-${{ github.job }}.sarif
+          path: scorecard-results-${{ github.workflow_sha }}-${{ github.run_number }}.sarif
           retention-days: 5
 
       - name: "Upload to code-scanning"
         uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
         with:
-          sarif_file: scorecard-results-${{ github.workflow }}-${{ github.job }}.sarif
+          sarif_file: scorecard-results-${{ github.workflow_sha }}-${{ github.run_number }}.sarif
diff --git a/.github/workflows/reusable_vuln_scan.yml b/.github/workflows/reusable_vuln_scan.yml
@@ -33,4 +33,4 @@ jobs:
       scan-args: "${{ inputs.scan-args }}"
       fail-on-vuln: true
       upload-sarif: true
-      results-file-name: osv-scanner-pr-results-${{ github.workflow }}-${{ github.job }}.sarif
+      results-file-name: osv-scanner-pr-results-${{ github.workflow_sha }}-${{ github.run_number }}.sarif
