From dbe81d8f50afc09cee319004dfafab960f31d51a Mon Sep 17 00:00:00 2001
From: Tom Martensen <tmartens@redhat.com>
Date: Wed, 14 Jan 2026 12:53:02 +0100
Subject: [PATCH 1/2] fix: expose result-path output for
 scan-image-vulnerabilities

---
 release/scan-image-vulnerabilities/README.md  | 6 ++++++
 release/scan-image-vulnerabilities/action.yml | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/release/scan-image-vulnerabilities/README.md b/release/scan-image-vulnerabilities/README.md
index 37944af..50c88c8 100644
--- a/release/scan-image-vulnerabilities/README.md
+++ b/release/scan-image-vulnerabilities/README.md
@@ -59,6 +59,12 @@ URL of the ACS/RHACS Central instance to use for scanning.
 
 Example: `"https://central.example.com"`
 
+## Outputs
+
+| Output         | Description                                                          |
+|----------------|----------------------------------------------------------------------|
+| `result-path`  | Path to the scan image result JSON for further inspection or upload. |
+
 ## Usage
 
 The action integrates with the [stackrox/central-login](https://github.com/stackrox/central-login) action, which uses OIDC login for authentication of the `roxctl` CLI.
diff --git a/release/scan-image-vulnerabilities/action.yml b/release/scan-image-vulnerabilities/action.yml
index 7314fc3..d78d7a0 100644
--- a/release/scan-image-vulnerabilities/action.yml
+++ b/release/scan-image-vulnerabilities/action.yml
@@ -22,6 +22,11 @@ inputs:
     description: "ACS Central URL"
     required: true
 
+outputs:
+  result-path:
+    description: "Path to the scan result JSON file"
+    value: ${{ steps.scan-image-vulnerabilities.outputs.result-path }}
+
 runs:
   using: composite
   steps:
@@ -44,6 +49,7 @@ runs:
         central-token: ${{ env.ROX_API_TOKEN }}
 
     - name: Scan image for fixable vulnerabilities
+      id: scan-image-vulnerabilities
       shell: bash
       run: |
         set -uo pipefail

From 3db0fa7fb22119e4b76d2f2841f9db337d50360f Mon Sep 17 00:00:00 2001
From: Tom Martensen <tmartens@redhat.com>
Date: Thu, 15 Jan 2026 09:11:42 +0100
Subject: [PATCH 2/2] Update release/scan-image-vulnerabilities/action.yml

Co-authored-by: Misha Sugakov <537715+msugakov@users.noreply.github.com>
---
 release/scan-image-vulnerabilities/action.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release/scan-image-vulnerabilities/action.yml b/release/scan-image-vulnerabilities/action.yml
index d78d7a0..f64d5ce 100644
--- a/release/scan-image-vulnerabilities/action.yml
+++ b/release/scan-image-vulnerabilities/action.yml
@@ -24,7 +24,7 @@ inputs:
 
 outputs:
   result-path:
-    description: "Path to the scan result JSON file"
+    description: "Path to a JSON file with the scan results"
     value: ${{ steps.scan-image-vulnerabilities.outputs.result-path }}
 
 runs: