diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 9b37e9a..206925b 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -47,10 +47,16 @@ jobs:
 - name: Scan SBOM
 uses: anchore/scan-action@v3
+ id: scan
 with:
 sbom: sbom.spdx.json
 fail-build: false
+ - name: upload Anchore scan SARIF report
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: ${{ steps.scan.outputs.sarif }}
+
 - name: Changelog
 uses: TriPSs/conventional-changelog-action@v3
 id: changelog
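Review bot: The new upload step calls `github/codeql-action/upload-sarif@v2`, but nothing in the hunk grants the job `security-events: write`, which that action needs to publish results to code scanning; if the workflow token is read-only (a restricted `permissions:` block, or a pull request from a fork) the step fails and the Changelog step after it is skipped. The job definition starts above the hunk, so confirm it carries a `permissions:` block with `security-events: write` alongside whatever the later steps need, or add a condition that skips the upload for fork pull requests. Both this action and `anchore/scan-action@v3` are referenced by mutable tag; pinning to a full commit SHA (`uses: github/codeql-action/upload-sarif@<full-commit-sha>  # v2`) keeps a moved tag from running with that write scope. As a style point, the step name starts lower-case while its neighbours read `Scan SBOM` and `Changelog`; `Upload Anchore scan SARIF report` would match.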