libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Snyk Report is not preventing duplicates

Browse source 
Closes #29699

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
This commit is contained in:
Bruno Oliveira da Silva 2024-05-28 19:35:04 -03:00
parent 433c73acd1
commit 8577573fe4
2 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
.github/scripts/snyk-report.sh vendored
View file

@ -1,7 +1,6 @@
#!/bin/bash -e #!/bin/bash -e
KEYCLOAK_REPO="keycloak/keycloak" KEYCLOAK_REPO="keycloak/keycloak"
# Prevent duplicates by checking if a similar title exists # Prevent duplicates by checking if a similar title exists
check_github_issue_exists() { check_github_issue_exists() {
local issue_title="$1" local issue_title="$1"
@ -10,7 +9,25 @@ check_github_issue_exists() {
local search_url="https://api.github.com/search/issues?q=$CVE_ID+is%3Aissue+sort%3Aupdated-desc+repo:$KEYCLOAK_REPO" local search_url="https://api.github.com/search/issues?q=$CVE_ID+is%3Aissue+sort%3Aupdated-desc+repo:$KEYCLOAK_REPO"
local response=$(curl -s -H "Authorization: token $GITHUB_TOKEN" -H "Accept: application/vnd.github.v3+json" "$search_url") local response=$(curl -s -H "Authorization: token $GITHUB_TOKEN" -H "Accept: application/vnd.github.v3+json" "$search_url")
local count=$(echo "$response" | jq '.total_count') local count=$(echo "$response" | jq '.total_count')
# Check for bad credentials
if printf "%s" "$response" | jq -e '.message == "Bad credentials"' > /dev/null; then
printf "Error: Bad credentials\n%s\n" "$response"
exit 1
fi
# Check if we reached GitHub rate limiting
if printf "%s" "$response" | jq -e '.message == "API rate limit exceeded"' > /dev/null; then
printf "Error: API rate limit exceeded\n%s\n" "$response"
exit 1
fi
# Check if total_count is available
if [[ $count == "null" ]]; then
printf "Error: total_count not available in response\n%s\n" "$response"
exit 1
fi
if [[ $count -gt 0 ]]; then if [[ $count -gt 0 ]]; then
return 0 return 0
else else
@ -27,6 +44,14 @@ create_github_issue() {
local data=$(jq -n --arg title "$title" --arg body "$body" \ local data=$(jq -n --arg title "$title" --arg body "$body" \
'{title: $title, body: $body, labels: ["status/triage", "kind/cve", "kind/bug"]}') '{title: $title, body: $body, labels: ["status/triage", "kind/cve", "kind/bug"]}')
local response=$(curl -s -w "%{http_code}" -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" -d "$data" "$api_url") local response=$(curl -s -w "%{http_code}" -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" -d "$data" "$api_url")
local http_code=$(echo "$response" | tail -n1)
if [[ $http_code -eq 201 ]]; then
return 0
else
printf "Issue creation failed with status: %s\n" "$http_code"
exit 1
fi
} }
check_dependencies() { check_dependencies() {

2
.github/workflows/schedule-nightly.yml vendored
View file

@ -33,7 +33,7 @@ jobs:
- documentation.yml - documentation.yml
- js-ci.yml - js-ci.yml
- operator-ci.yml - operator-ci.yml
#- snyk-analysis.yml - snyk-analysis.yml
- trivy-analysis.yml - trivy-analysis.yml
steps: steps: