thoth-station/thoth-github-action

Include links to Security Scorecards in workflow result

Is your feature request related to a problem? Please describe.

As a user of this action, I would like to have a summary of the stack info generated by Thoth available as a comment on each pull request where it was configured as part of the CI, as well as a link to the Search UI to browse results interactively.
This way, Thoth advises would be visible even if the workflow does not fail, without having to go to the workflow section to see if warnings are available for my dependencies.

Describe alternatives you've considered

Leave all justifications in the workflow logs.

/sig stack-guidance
/kind feature

@mayaCostantini: The label(s) sig/stack-guidance, kind/feature cannot be applied, because the repository doesn't have them.

In response to this:

/sig stack-guidance
/kind feature

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

/assign

/sig stack-guidance
/kind feature
/priority critical-urgent

/remove priority-critical-urgent
/priority backlog

Related to #59

Closed as replaced by #59