diff --git a/entrypoint.sh b/entrypoint.sh
index 4e9a751..d228136 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -70,6 +70,7 @@ if [ $cacheDir ];then
 GLOBAL_ARGS="$GLOBAL_ARGS --cache-dir $cacheDir"
 fi
+SARIF_ARGS=""
 ARGS=""
 if [ $format ];then
 ARGS="$ARGS --format $format"
@@ -82,9 +83,11 @@ if [ $exitCode ];then
 fi
 if [ "$ignoreUnfixed" == "true" ] && [ "$scanType" != "config" ];then
 ARGS="$ARGS --ignore-unfixed"
+ SARIF_ARGS="$SARIF_ARGS --ignore-unfixed"
 fi
 if [ $vulnType ] && [ "$scanType" != "config" ];then
 ARGS="$ARGS --vuln-type $vulnType"
+ SARIF_ARGS="$SARIF_ARGS --vuln-type $vulnType"
 fi
 if [ $severity ];then
 ARGS="$ARGS --severity $severity"
@@ -96,6 +99,7 @@ if [ $skipDirs ];then
 for i in $(echo $skipDirs | tr "," "\n")
 do
 ARGS="$ARGS --skip-dirs $i"
+ SARIF_ARGS="$SARIF_ARGS --skip-dirs $i"
 done
 fi
 if [ $timeout ];then
@@ -103,6 +107,7 @@ if [ $timeout ];then
 fi
 if [ $ignorePolicy ];then
 ARGS="$ARGS --ignore-policy $ignorePolicy"
+ SARIF_ARGS="$SARIF_ARGS --ignore-policy $ignorePolicy"
 fi
 if [ "$hideProgress" == "true" ];then
 ARGS="$ARGS --no-progress"
@@ -117,8 +122,8 @@ returnCode=$?
 # regardless of severity level specified in this report.
 # This is a feature, not a bug :)
 if [[ ${template} == *"sarif"* ]]; then
- echo "Building SARIF report"
- trivy --quiet ${scanType} --format template --template ${template} --output ${output} ${artifactRef}
+ echo "Building SARIF report with options: ${SARIF_ARGS}" "${artifactRef}"
+ trivy --quiet ${scanType} --format template --template ${template} --output ${output} $SARIF_ARGS ${artifactRef}
 fi
 exit $returnCode
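Review bot: The new `SARIF_ARGS="$SARIF_ARGS --skip-dirs $i"` in the skip-dirs hunk takes `$i` from the unquoted `$(echo $skipDirs | tr "," "\n")`, so a directory entry containing whitespace is already split into several `--skip-dirs` values and an entry containing `*` or `?` is glob-expanded against the container's working directory before it is stored; the pre-existing `ARGS` line has the same exposure, and the change now feeds the same mangled value into a second trivy invocation. Splitting the input with `IFS=, read -r -a skip_list <<< "$skipDirs"` and iterating `for i in "${skip_list[@]}"; do` keeps each entry intact (and `skipDirs` is caller-supplied action input, so it should be treated as data, not as shell words). A comment on the loop such as `# each entry is passed to trivy verbatim; no globbing or word-splitting` would record the intent.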
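Review bot: `$SARIF_ARGS` is intentionally unquoted on the new `trivy` line so the shell re-splits the accumulated string, which means a `--skip-dirs` or `--ignore-policy` value containing a space reaches trivy as two arguments (trivy reads the stray one as a positional argument) and a value containing `*` is glob-expanded; this mirrors the older `$ARGS` handling, so it is not introduced here, but the change could have avoided repeating it. Building the options as an array — `SARIF_ARGS=()` where the string is initialised, `SARIF_ARGS+=(--skip-dirs "$i")` and the like where it is appended to, and `"${SARIF_ARGS[@]}"` on this line — passes every value as exactly one argument and lets ShellCheck SC2086 stay enabled on this line. The SARIF run also forwards neither `--timeout` nor `--no-progress`; `--quiet` covers the latter, but if the main scan applies a `--timeout` (that line sits outside the hunk, so this is inferred from `if [ $timeout ];then`), the second scan of the same artifact runs with trivy's default and can time out where the first succeeded. Finally the echo passes `"${artifactRef}"` as a separate argument rather than as part of the message and `${SARIF_ARGS}` carries a leading space, so `echo "Building SARIF report for ${artifactRef} with options:${SARIF_ARGS}"` prints the same information more readably.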