Skip to content

fix(ci): clean up grype scan files after attestation#2863

Merged
jiparis merged 1 commit into
chainloop-dev:mainfrom
jiparis:jiparis/cleanup-grype-scans
Mar 16, 2026
Merged

fix(ci): clean up grype scan files after attestation#2863
jiparis merged 1 commit into
chainloop-dev:mainfrom
jiparis:jiparis/cleanup-grype-scans

Conversation

@jiparis

@jiparis jiparis commented Mar 16, 2026

Copy link
Copy Markdown
Member

Summary

  • Remove leftover vuln-*.json grype scan files from the working directory after attestation, preventing them from being included in the auto-generated PR.
  • Delete existing vuln-*.json files that were already committed to the repository.

Closes #2785

Remove leftover vuln-*.json files from the working directory after
attestation so the create-pull-request action does not include them
in the generated PR.

Closes chainloop-dev#2785

Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 17 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/release.yaml">

<violation number="1" location=".github/workflows/release.yaml:181">
P2: Avoid the wildcard cleanup here; delete the exact vulnerability report files you generate instead.

(Based on your team's feedback about avoiding glob patterns in file discovery and path matching.) [FEEDBACK_USED]</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

Comment thread .github/workflows/release.yaml
@jiparis jiparis requested review from javirln and migmartri March 16, 2026 16:22
@jiparis jiparis merged commit c5513a9 into chainloop-dev:main Mar 16, 2026
15 checks passed
@jiparis jiparis deleted the jiparis/cleanup-grype-scans branch March 16, 2026 16:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Vulnerability scan at release time

3 participants