canonical · bschimke95 · Aug 21, 2024 · Aug 14, 2024 · Aug 14, 2024 · Aug 14, 2024
diff --git a/.github/workflows/scan_images.yaml b/.github/workflows/scan_images.yaml
@@ -82,3 +82,17 @@ jobs:
       env:
         TRIVY_USERNAME: ${{ github.actor }}
         TRIVY_PASSWORD: ${{ github.token }}
+    - name: Send vulnerability records to jira
+      if: ${{ inputs.upload-result }}
+      run: |
+        # get script that sends scan results from Kubeflow CI repo
+        CI_REPO="https://github.com/canonical/kubeflow-ci.git"
+        mkdir -p kubeflow-ci
+        cd kubeflow-ci
+        git init -q
+        git remote add -f origin "$CI_REPO" &> /dev/null
+        git sparse-checkout set scripts/cve-reports/send-scan.py
+        git pull -q origin main
+        cd -       
+        # send scans from supplied directory
+        ./kubeflow-ci/scripts/cve-reports/send-scan.py --report-path=trivy-results.sarif --jira-url=${{ secrets.JIRA_URL }} --add-github-meta