diff --git a/.github/workflows/auto-close-issue.yaml b/.github/workflows/auto-close-issue.yaml new file mode 100644 index 000000000000..679b34bb1232 --- /dev/null +++ b/.github/workflows/auto-close-issue.yaml @@ -0,0 +1,46 @@ +name: Auto-close issues + +on: + issues: + types: [opened] + +jobs: + close_issue: + runs-on: ubuntu-latest + steps: + - name: Close issue if user does not have write or admin permissions + uses: actions/github-script@v6 + with: + script: | + // Get the issue creator's username + const issueCreator = context.payload.issue.user.login; + + // Check the user's permissions for the repository + const repoPermissions = await github.rest.repos.getCollaboratorPermissionLevel({ + owner: context.repo.owner, + repo: context.repo.repo, + username: issueCreator + }); + + const permission = repoPermissions.data.permission; + + // If the user does not have write or admin permissions, leave a comment and close the issue + if (permission !== 'write' && permission !== 'admin') { + const commentBody = "Please see https://aquasecurity.github.io/trivy/latest/community/contribute/issue/"; + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.payload.issue.number, + body: commentBody + }); + + await github.rest.issues.update({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.payload.issue.number, + state: 'closed', + state_reason: 'not_planned' + }); + + console.log(`Issue #${context.payload.issue.number} closed because ${issueCreator} does not have sufficient permissions.`); + } \ No newline at end of file diff --git a/docs/community/contribute/issue.md b/docs/community/contribute/issue.md index e686f616e0b4..c402f73b9cfc 100644 --- a/docs/community/contribute/issue.md +++ b/docs/community/contribute/issue.md @@ -1,4 +1,7 @@ # Issues Thank you for taking interest in contributing to Trivy! -Trivy uses [GitHub Discussion](./discussion.md) for bug reports, feature requests, and questions. \ No newline at end of file +Trivy uses [GitHub Discussion](./discussion.md) for bug reports, feature requests, and questions. + +!!! warning + Issues created by non-maintainers will be immediately closed. \ No newline at end of file