Workflow Reports
Workflow Reports provide detailed output from the security and quality scanning tools integrated into your pipeline. Reports are generated per execution and can be downloaded for analysis.
Accessing Reports
- Open the workflow in the Workflow Builder.
- Navigate to the Reports tab.
- A table displays all reports linked to pipeline executions for this workflow.
Report Details
Each report entry includes:
| Column | Description |
|---|---|
| Execution ID | The pipeline execution that generated the report. |
| Triggered At | When the execution was run. |
| Trigger Type | How the execution was triggered (manual, automatic, webhook). |
| Tool | The scanning tool that generated the report (Trivy, detect-secrets, or SonarQube). |
| Stage | The pipeline stage where the tool ran (Pre-Build, Post-Build). |
| Report Link | Download link for the report file. Links are valid for 24 hours. |
Report Types
| Tool | Format | Contents |
|---|---|---|
| Trivy | CSV | Vulnerability scan results — severity, CVE ID, package name, installed version, and fixed version. |
| Detect-Secrets | CSV | Detected secrets — file path, secret type, and line number. |
| SonarQube | External Link | Code quality report accessible via SonarQube dashboard — bugs, vulnerabilities, code smells, and quality gate status. |
Downloading Reports
Click the Report Link for any entry to download the report file directly. Trivy and detect-secrets reports are downloadable as CSV files via pre-signed S3 URLs. SonarQube reports link to the external SonarQube dashboard.
note
Report download links expire after 24 hours. If a link has expired, re-run the workflow to generate a fresh report.