In order to achieve the best experience for the developer we should have a dedicated Github action that performs the container scan and uploads the sarif results to surface any vulnerabilities in the GH Security tab UI.

Arguments:

• Image ref (if image has already been pushed up to registry)
• Image path (if image tar has been saved locally)