From 65a54477dbb0cf3c63b8e2d97ce21d7a54ae3bcf Mon Sep 17 00:00:00 2001
From: Jonathan Skubic
Date: Thu, 18 Sep 2025 10:50:47 -0400
Subject: [PATCH 1/2] feat(dependabot-vulnerability-scan): Create Jira issues automatically
---
.../workflows/dependabot-alerts-to-jira.yaml | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 .github/workflows/dependabot-alerts-to-jira.yaml
diff --git a/.github/workflows/dependabot-alerts-to-jira.yaml b/.github/workflows/dependabot-alerts-to-jira.yaml
new file mode 100644
index 0000000..9572f69
--- /dev/null
+++ b/.github/workflows/dependabot-alerts-to-jira.yaml
@@ -0,0 +1,29 @@
+name: Dependabot Alerts → Jira (scheduled)
+
+on:
+ schedule:
+- cron: '40 8 * * 1-5'
+ workflow_dispatch: {}
+
+permissions:
+ contents: read
+ security-events: read
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.run_id }}
+ cancel-in-progress: false
+
+jobs:
+ run:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Dependabot alerts → Jira (bulk)
+ uses: ndustrialio/actions/vulnerability-scan/dependabot@vulns-to-jira
+ with:
+ github-token: ${{ secrets.NIO_BOT_TOKEN }}
+ bulk-parallel: "12" # tweak as you like
+ jira-base-url: ${{ secrets.JIRA_BASE_URL }}
+ jira-email: ${{ secrets.JIRA_EMAIL }}
+ jira-api-token: ${{ secrets.JIRA_API_TOKEN }}
+ jira-team-name: 'Graphiti Artists'
+ jira-assignee-account-id: "712020:5f7fecaa-5e02-4e98-adaa-3d280fef9d4f"
From 7475c3c73c64961c8851b5e35192a10e95b262c8 Mon Sep 17 00:00:00 2001
From: jskubic-ndustrial <77359786+jskubic-ndustrial@users.noreply.github.com>
Date: Thu, 18 Sep 2025 11:58:48 -0400
Subject: [PATCH 2/2] Update dependabot-alerts-to-jira.yaml
---
.github/workflows/dependabot-alerts-to-jira.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-jira.yaml b/.github/workflows/dependabot-alerts-to-jira.yaml
index 9572f69..a32f0db 100644
--- a/.github/workflows/dependabot-alerts-to-jira.yaml
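Review bot: In the workflow added by PATCH 1/2, the `uses:` line references the action at `@vulns-to-jira`, which looks like a branch name, so whatever is pushed to that ref later runs with `NIO_BOT_TOKEN` and the Jira API token passed under `with:`. Pin it to a reviewed commit instead, e.g. `uses: ndustrialio/actions/vulnerability-scan/dependabot@<full-commit-sha>  # vulns-to-jira`, and bump it deliberately. Separately, `group: ${{ github.workflow }}-${{ github.run_id }}` is unique per run, so the `concurrency` block never serialises anything; if the intent is to stop a manual dispatch from overlapping the scheduled run and filing duplicate issues, use `group: ${{ github.workflow }}`. The top-level `permissions:` block only scopes `GITHUB_TOKEN`, so if the action relies solely on the supplied bot token it can presumably be reduced further, which is worth confirming against the action's source.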
+++ b/.github/workflows/dependabot-alerts-to-jira.yaml @@ -2,7 +2,7 @@ name: Dependabot Alerts → Jira (scheduled) on: schedule: -- cron: '40 8 * * 1-5' + - cron: '40 8 * * 1-5' workflow_dispatch: {} permissions: