Add automated issue creation for Docker build and security scan failures

[Copilot]

CI failures on main now create GitHub issues automatically. Test and lint workflows already had this; Docker image builds did not.

Changes

Modified .github/workflows/build-ci-image.yml:

• Added continue-on-error: true to critical steps (Trivy scans, Docker builds)
• Added issue creation for Docker build failures (docker-build-failure label)
• Added issue creation for Trivy security scan failures (security-scan-failure label)
• Both check for existing open issues by label to prevent duplicates
• Both auto-create labels if missing
• Only triggers on push to main

Pattern

Follows existing pattern from pytest.yml and lint.yml:

- name: Create issue on Docker build failure
  if: (steps.build-qr.outcome == 'failure' || steps.build-infra.outcome == 'failure') && 
      github.event_name == 'push' && github.ref == 'refs/heads/main'
  env:
    GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  run: |
    EXISTING_ISSUES=$(gh issue list --label "docker-build-failure" --state open --json number --limit 1)
    if [ "$EXISTING_ISSUES" != "[]" ]; then
      echo "Existing open docker build failure issue found, skipping"
      exit 0
    fi
    # Create issue with workflow run link, commit SHA, and reproduction steps

Labels

Label	Triggers
docker-build-failure	QR or Infra image build fails
security-scan-failure	Trivy detects HIGH/CRITICAL vulnerabilities (repo, QR image, or Infra image)

Original prompt

Make it so that if any of the automated tests failed on "main" an issue is created with the output.

Also, if there is a failure during automated Docker Image creation, also make an issue.

Also, setup checking to see if a similar or even identical issue already exists.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	simplewish	8bdc22f	Jan 31 2026, 05:27 PM

[Copilot]

Pull request overview

This PR extends the CI image build workflow so that failures in Docker builds and Trivy security scans on main automatically open GitHub issues, aligning it with the existing pytest and lint workflows.

Changes:

• Grants the CI image build job issues: write permission and introduces continue-on-error: true for Trivy and Docker build steps so the workflow can proceed to issue-creation logic while still recording step outcomes.
• Adds conditional issue creation for Docker build failures with a docker-build-failure label, including label auto-creation, deduplication by label, and diagnostic/repro details.
• Adds conditional issue creation for Trivy scan failures with a security-scan-failure label, similarly handling label creation, deduplication, and including workflow/commit context plus local reproduction commands, and adds a final step to fail the workflow if any monitored step failed.