Snyk Report is not preventing duplicates
Closes #29699 Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
This commit is contained in:
parent
433c73acd1
commit
8577573fe4
2 changed files with 28 additions and 3 deletions
27
.github/scripts/snyk-report.sh
vendored
27
.github/scripts/snyk-report.sh
vendored
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash -e
|
#!/bin/bash -e
|
||||||
|
|
||||||
KEYCLOAK_REPO="keycloak/keycloak"
|
KEYCLOAK_REPO="keycloak/keycloak"
|
||||||
|
|
||||||
# Prevent duplicates by checking if a similar title exists
|
# Prevent duplicates by checking if a similar title exists
|
||||||
check_github_issue_exists() {
|
check_github_issue_exists() {
|
||||||
local issue_title="$1"
|
local issue_title="$1"
|
||||||
|
@ -11,6 +10,24 @@ check_github_issue_exists() {
|
||||||
local response=$(curl -s -H "Authorization: token $GITHUB_TOKEN" -H "Accept: application/vnd.github.v3+json" "$search_url")
|
local response=$(curl -s -H "Authorization: token $GITHUB_TOKEN" -H "Accept: application/vnd.github.v3+json" "$search_url")
|
||||||
local count=$(echo "$response" | jq '.total_count')
|
local count=$(echo "$response" | jq '.total_count')
|
||||||
|
|
||||||
|
# Check for bad credentials
|
||||||
|
if printf "%s" "$response" | jq -e '.message == "Bad credentials"' > /dev/null; then
|
||||||
|
printf "Error: Bad credentials\n%s\n" "$response"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if we reached GitHub rate limiting
|
||||||
|
if printf "%s" "$response" | jq -e '.message == "API rate limit exceeded"' > /dev/null; then
|
||||||
|
printf "Error: API rate limit exceeded\n%s\n" "$response"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if total_count is available
|
||||||
|
if [[ $count == "null" ]]; then
|
||||||
|
printf "Error: total_count not available in response\n%s\n" "$response"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
if [[ $count -gt 0 ]]; then
|
if [[ $count -gt 0 ]]; then
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
|
@ -27,6 +44,14 @@ create_github_issue() {
|
||||||
local data=$(jq -n --arg title "$title" --arg body "$body" \
|
local data=$(jq -n --arg title "$title" --arg body "$body" \
|
||||||
'{title: $title, body: $body, labels: ["status/triage", "kind/cve", "kind/bug"]}')
|
'{title: $title, body: $body, labels: ["status/triage", "kind/cve", "kind/bug"]}')
|
||||||
local response=$(curl -s -w "%{http_code}" -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" -d "$data" "$api_url")
|
local response=$(curl -s -w "%{http_code}" -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" -d "$data" "$api_url")
|
||||||
|
local http_code=$(echo "$response" | tail -n1)
|
||||||
|
|
||||||
|
if [[ $http_code -eq 201 ]]; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
printf "Issue creation failed with status: %s\n" "$http_code"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
check_dependencies() {
|
check_dependencies() {
|
||||||
|
|
2
.github/workflows/schedule-nightly.yml
vendored
2
.github/workflows/schedule-nightly.yml
vendored
|
@ -33,7 +33,7 @@ jobs:
|
||||||
- documentation.yml
|
- documentation.yml
|
||||||
- js-ci.yml
|
- js-ci.yml
|
||||||
- operator-ci.yml
|
- operator-ci.yml
|
||||||
#- snyk-analysis.yml
|
- snyk-analysis.yml
|
||||||
- trivy-analysis.yml
|
- trivy-analysis.yml
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
|
Loading…
Reference in a new issue