Skip to content

Scanner mappings update #36

Scanner mappings update

Scanner mappings update #36

name: Scanner mappings update
on:
schedule:
- cron: "0 0 * * *"
jobs:
download-and-upload:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Authenticate with Google Cloud
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.GOOGLE_SA_CIRCLECI_SCANNER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Download repository mappings
run: |
curl --fail --silent --show-error --max-time 60 --retry 3 --create-dirs \
-o 'repomapping-tmp/#1' \
'https://access.redhat.com/security/data/metrics/{repository-to-cpe.json,container-name-repos-map.json}'
for f in repomapping-tmp/*; do
jq empty "$f"
done
- name: Upload repository mappings to Google Cloud Storage
run: |
# Zip the files into mapping.zip
zip mapping.zip repomapping-tmp/*
mkdir -p redhat-repository-mappings && mv mapping.zip redhat-repository-mappings/
# Upload mapping.zip to Google Cloud Storage
gsutil cp -r "redhat-repository-mappings" "gs://scanner-v4-test/"
- name: Send Slack notification on workflow failure
if: failure()
run: |
curl -X POST -H 'Content-type: application/json' --data '{"text":"<!subteam^S04S96AAVND|acs-scanner-primary> Failure in Scanner V4 Updater Workflow: Download and Upload Repository Mappings"}' ${{ secrets.SLACK_ONCALL_SCANNER_WEBHOOK }}