Skip to content

Scanner mappings update #209

Scanner mappings update

Scanner mappings update #209

name: Scanner mappings update
on:
schedule:
- cron: "0 0 * * *"
jobs:
update-scanner-mappings:
runs-on: ubuntu-latest
env:
REPOMAPPING_DIR: repomapping
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Authenticate with Google Cloud
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.GOOGLE_SA_STACKROX_HUB_VULN_DUMP_UPLOADER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Download repository mappings
run: scanner/image/scanner/download-mappings.sh "${{env.REPOMAPPING_DIR}}"
- name: Upload repository mappings to Google Cloud Storage
run: |
# Zip the files into mapping.zip
zip mapping.zip ${{env.REPOMAPPING_DIR}}/*
mkdir -p redhat-repository-mappings && mv mapping.zip redhat-repository-mappings/
# Upload mapping.zip to Google Cloud Storage
gsutil cp -r "redhat-repository-mappings" "gs://definitions.stackrox.io/v4"
- name: Send Slack notification on workflow failure
if: failure()
run: |
curl -X POST -H 'Content-type: application/json' --data '{"text":"<!subteam^S04S96AAVND|acs-scanner-primary> Failure in Scanner V4 Updater Workflow: Update Repository Mappings"}' ${{ secrets.SLACK_ONCALL_SCANNER_WEBHOOK }}