PN-16781: fix input path

.github/workflows/static-analysis.yaml

@@ -15,29 +15,58 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
 
-      - name: Run Trivy vulnerability scanner in IaC mode
+      - name: Run Trivy vulnerability scanner in IaC mode (runtime-infra)
         uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
         with:
           scan-type: 'config'
-          input: './src'
+          input: './runtime-infra'
           hide-progress: true
           format: 'sarif'
-          output: 'trivy-results-raw.sarif'
+          output: 'trivy-results-runtime-infra.sarif'
           exit-code: '0'
           trivyignores: '.trivyignore'
           severity: 'CRITICAL,HIGH'
-
-      - name: Filter SARIF to exclude MEDIUM and LOW
+
+      - name: Run Trivy vulnerability scanner in IaC mode (runtime-infra-confinfo)
+        uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
+        with:
+          scan-type: 'config'
+          input: './runtime-infra-confinfo'
+          hide-progress: true
+          format: 'sarif'
+          output: 'trivy-results-runtime-infra-confinfo.sarif'
+          exit-code: '0'
+          trivyignores: '.trivyignore'
+          severity: 'CRITICAL,HIGH'
+
+      - name: Filter SARIF to exclude MEDIUM and LOW (runtime-infra)
         run: |
           jq '
             .runs |= map(
               .results |= map(select(
                 (.message.text | test("Severity: (HIGH|CRITICAL)"))
               ))
             )
-          ' trivy-results-raw.sarif > trivy-results.sarif
+          ' trivy-results-runtime-infra.sarif > trivy-results-runtime-infra-highcritical.sarif
+
+      - name: Filter SARIF to exclude MEDIUM and LOW (runtime-infra-confinfo)
+        run: |
+          jq '
+            .runs |= map(
+              .results |= map(select(
+                (.message.text | test("Severity: (HIGH|CRITICAL)"))
+              ))
+            )
+          ' trivy-results-runtime-infra-confinfo.sarif > trivy-results-runtime-infra-confinfo-highcritical.sarif
+
+      - name: Upload Trivy scan results to GitHub Security tab (runtime-infra)
+        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f
+        with:
+          sarif_file: 'trivy-results-runtime-infra-highcritical.sarif'
+          category: 'trivy-runtime-infra'
 
-      - name: Upload Trivy scan results to GitHub Security tab
+      - name: Upload Trivy scan results to GitHub Security tab (runtime-infra-confinfo)
         uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: 'trivy-results-runtime-infra-confinfo-highcritical.sarif'
+          category: 'trivy-runtime-infra-confinfo'