@@ -23,6 +23,9 @@ permissions:
2323jobs :
2424 check-vulns :
2525 runs-on : ubuntu-latest
26+ outputs :
27+ matrix : ${{ steps.set_matrix.outputs.matrix }}
28+ full_output : ${{ steps.collect_error.outputs.result }}
2629 steps :
2730 - name : Setup Python 3.9
2831 uses : actions/setup-python@v3
4447 set -o pipefail
4548 python main.py --gh-token ${{ secrets.GITHUB_TOKEN }} --nvd-key=${{ secrets.NVD_API_KEY }} 2>&1 | tee result.log
4649 )
50+ name : build matrix
51+ id : set_matrix
52+ if : ${{ failure() }}
53+ working-directory : ./node/tools/dep_checker
54+ run : |
55+ matrix=$((echo '{ "vulnerability" : ['
56+ cat result.log | sed -n 's/.*\(CVE-.*\|GHSA-.*\).*/"\1",/p' | sed '$s/,//'
57+ echo "]}"
58+ ) | jq -c .)
59+ echo "::set-output name=matrix::$matrix"
60+
4761name : collect error
4862 id : collect_error
4963 if : ${{ failure() }}
@@ -55,13 +69,21 @@ jobs:
5569 content="${content//$'\n'/'%0A'}"
5670 content="${content//$'\r'/'%0D'}"
5771 echo "::set-output name=result::$content"
72+ create-issues :
73+ needs : check-vulns
74+ if : ${{ always() }}
75+ runs-on : ubuntu-latest
76+ strategy :
77+ matrix : ${{ fromJson(needs.check-vulns.outputs.matrix) }}
78+ steps :
5879 - uses : actions/checkout@v3
59- if : ${{ failure() }}
60- - uses : JasonEtco/create-an-issue@v2
61- if : ${{ failure() }}
80+ - uses : dblock/create-a-github-issue@v3
81+ with :
82+ update_existing : false
83+ search_existing : all
6284 env :
6385 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
64- ERROR_MSG : ${{ steps.collect_error.outputs.result }}
86+ ERROR_MSG : ${{ needs.check-vulns.outputs.full_output }}
87+ VULN_ID : ${{ matrix.vulnerability }}
6588 NODEJS_STREAM : ${{ inputs.nodejsStream }}
6689 ACTION_URL : " https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
67-
0 commit comments