Kubernetes check "Prevent binding to privileged ports" (AVD-KSV-0117) may be invalid #467
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Auto-close issues | |
on: | |
issues: | |
types: [opened] | |
jobs: | |
close_issue: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Close issue if user does not have write or admin permissions | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
// Get the issue creator's username | |
const issueCreator = context.payload.issue.user.login; | |
// Check the user's permissions for the repository | |
const repoPermissions = await github.rest.repos.getCollaboratorPermissionLevel({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
username: issueCreator | |
}); | |
const permission = repoPermissions.data.permission; | |
// If the user does not have write or admin permissions, leave a comment and close the issue | |
if (permission !== 'write' && permission !== 'admin') { | |
const commentBody = "Please see https://aquasecurity.github.io/trivy/latest/community/contribute/issue/"; | |
await github.rest.issues.createComment({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.payload.issue.number, | |
body: commentBody | |
}); | |
await github.rest.issues.update({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.payload.issue.number, | |
state: 'closed', | |
state_reason: 'not_planned' | |
}); | |
console.log(`Issue #${context.payload.issue.number} closed because ${issueCreator} does not have sufficient permissions.`); | |
} |