From 3d47c91e5c0d038ca48b6112f7627cd3da723837 Mon Sep 17 00:00:00 2001 From: "n8n-cat-bot[bot]" <283985454+n8n-cat-bot[bot]@users.noreply.github.com> Date: Wed, 17 Jun 2026 18:19:29 +0100 Subject: [PATCH] ci: Remove Slack notification from Trivy container scan (no-changelog) (#32474) Co-authored-by: n8n-cat-bot[bot] Co-authored-by: Claude Opus 4.7 --- .github/WORKFLOWS.md | 2 +- .../security-trivy-scan-callable.yml | 20 ------------------- 2 files changed, 1 insertion(+), 21 deletions(-) diff --git a/.github/WORKFLOWS.md b/.github/WORKFLOWS.md index 1aa9193df19..57a43315358 100644 --- a/.github/WORKFLOWS.md +++ b/.github/WORKFLOWS.md @@ -577,7 +577,7 @@ Supply chain security ensures artifacts haven't been tampered with. We provide t - **Runs on:** stable/nightly/rc Docker builds - **Scans:** n8n image, runners image -- **Output:** Slack `#updates-security` when vulnerabilities are detected +- **Output:** GitHub Actions step summary (`$GITHUB_STEP_SUMMARY`) and run logs ### SBOM diff --git a/.github/workflows/security-trivy-scan-callable.yml b/.github/workflows/security-trivy-scan-callable.yml index 88438625fcc..3deab7429cd 100644 --- a/.github/workflows/security-trivy-scan-callable.yml +++ b/.github/workflows/security-trivy-scan-callable.yml @@ -13,16 +13,10 @@ on: type: string description: 'Full image reference to scan e.g. ghcr.io/n8n-io/n8n:latest' required: true - secrets: - QBOT_SLACK_TOKEN: - required: true permissions: contents: read -env: - SLACK_CHANNEL_ID: C0AHNJU9XFA #updates-security - jobs: security_scan: name: Security - Scan Docker Image With Trivy @@ -36,7 +30,6 @@ jobs: security/trivy.yaml security/trivy-ignore-policy.rego .github/scripts/retry.mjs - .github/scripts/slack sparse-checkout-cone-mode: false - name: Pull Docker image with retry @@ -165,16 +158,3 @@ jobs: echo "🔍 **View detailed logs above for full analysis**" } >> "$GITHUB_STEP_SUMMARY" fi - - - name: Send Slack notification - if: steps.process_results.outputs.vulnerabilities_found == 'true' - env: - SLACK_TOKEN: ${{ secrets.QBOT_SLACK_TOKEN }} - IMAGE_REF: ${{ inputs.image_ref }} - run: | - node .github/scripts/slack/notify.mjs \ - --channel "$SLACK_CHANNEL_ID" \ - --text "🚨 Trivy Scan: ${{ steps.process_results.outputs.critical_count }} Critical, ${{ steps.process_results.outputs.high_count }} High, ${{ steps.process_results.outputs.medium_count }} Medium, ${{ steps.process_results.outputs.low_count }} Low vulnerabilities found in $IMAGE_REF" \ - --blocks trivy \ - --results trivy-results.json \ - --image-ref "$IMAGE_REF"