Merge pull request #1774 from shipwright-io/sascha-fix-issue-close

Fix gh command that closes the issue when all vulnerabilities are fixed

Author: openshift-merge-bot[bot]

.github/report-release-vulnerabilities.sh

@@ -111,7 +111,6 @@ assignees="$(dyff json OWNERS | jq -r '.approvers | join(",")')"
 issues="$(gh issue list --label release-vulnerabilities --json number)"
 
 if [ "$(jq length <<<"${issues}")" == "0" ]; then
-
   if [ "${hasVulnerabilities}" == "true" ]; then
     # create new issue
     echo "[INFO] Creating new issue"
@@ -133,7 +132,9 @@ else
       --add-assignee "${assignees}" \
       --body-file /tmp/report.md
   else
-    gh issue close --reason "No vulnerabilities found in the latest release ${RELEASE_TAG}"
+    gh issue close "${issueNumber}" \
+      --comment  "No vulnerabilities found in the latest release ${RELEASE_TAG}" \
+      --reason completed
   fi
 fi
 

.github/workflows/report-release-vulnerabilities.yaml

@@ -5,6 +5,10 @@ name: Report release vulnerabilities
 on:
   schedule:
     - cron: '0 4 * * *' # 4:00 am UTC = 1 hour after base image build
+  release:
+    types:
+      - edited
+      - published
   workflow_dispatch: {}
 jobs:
   report-vulnerabilities: