advanced-security
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 6 additions & 1 deletion b/‎.github/workflows/test.yml‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 14 additions & 1 deletion b/‎README.md‎
Lines changed: 14 additions & 1 deletion
diff --git a/‎action.yml‎
Lines changed: 3 additions & 12 deletions b/‎action.yml‎
Lines changed: 3 additions & 12 deletions
@@ -21,4 +21,9 @@ jobs:
       - uses: actions/checkout@v3
       - uses: ./
         with:
-          milliseconds: 1000
+          sarifFile: test-data/webgoat.sarif
+      - name: Archive SARIF output
+        uses: actions/upload-artifact@v3
+        with:
+          name: sarif-output
+          path: test-data/webgoat.sarif
@@ -5,8 +5,22 @@ Compare a CodeQL SARIF results file to a security standard CWE list and annotate
 ## Usage in GitHub Actions
 
 ```
+- name: Perform CodeQL Analysis
+  uses: github/codeql-action/analyze@v2
+  with:
+    category: "/language:${{matrix.language}}"
+    upload: false
+    output: sarif-results
+
 - name: Annotate CodeQL SARIF with OWASP Top 10 2021 tag
   uses: ctcampbell/codeql-sarif-security-standard-annotator@v1
+  with:
+    sarifFile: sarif-results/${{matrix.language}}.sarif
+
+- name: Upload SARIF
+  uses: github/codeql-action/upload-sarif@v2
+  with:
+    sarif_file: sarif-results/${{matrix.language}}.sarif
 ```
 
 ```
@@ -25,5 +39,4 @@ inputs:
   outputFile:
     required: false
     description: 'The output SARIF file path, defaults to the input SARIF file path'
-    default: '${{ inputs.sarifFile }}'
 ```
@@ -7,23 +7,14 @@ inputs:
     description: 'The CodeQL SARIF result file'
   cweFile:
     required: false
-    description: 'The CWE list XML file'
-    default: '${{ github.action_path }}/security-standards/owasp-top10-2021.xml'
+    description: 'The CWE list XML file, defaults to OWASP Top 10 2021'
   securityStandardTag:
     required: false
     description: 'The security standard tag to add to the SARIF file'
     default: 'owasp-top10-2021'
   outputFile:
     required: false
     description: 'The output SARIF file path, defaults to the input SARIF file path'
-    default: '${{ inputs.sarifFile }}'
 runs:
-  using: 'composite'
-  steps:
-    - run: |
-        node '${{ github.action_path }}/dist/index.js' \
-        --sarifFile '${{ inputs.sarifFile }}' \
-        --cweFile '${{ inputs.cweFile }}' \
-        --securityStandardTag '${{ inputs.securityStandardTag }}' \
-        --outputFile '${{ inputs.outputFile }}'
-      shell: bash
+  using: 'node16'
+  main: 'dist/index.js'