Skip to content

Fix Trivy CI failure and remove repo bloat #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
groupthinking merged 3 commits into from
Feb 7, 2026
Merged

Fix Trivy CI failure and remove repo bloat #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9d7f08a
Initial plan
Copilot Feb 6, 2026
29b8110
Fix Trivy workflow failure, remove bloat files, update gitignore and …
Copilot Feb 6, 2026
040c84e
Tighten test assertions to match actual Dockerfile values per code re…
Copilot Feb 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file modified .coverage
View file
Open in desktop
Binary file not shown.
2 changes: 1 addition & 1 deletion .github/workflows/security.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ jobs:
trivy-db-
continue-on-error: true
- name: Build image for scanning
run: docker build -t eventrelay:test -f Dockerfile.production .
run: docker build -t eventrelay:test -f Dockerfile .
- name: Run Trivy vulnerability scanner
Copy link

@sentry sentry bot Feb 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Deployment scripts deploy-cloud-run.sh and one-click-deploy.sh reference the deleted Dockerfile.production, which will cause production deployments to fail.
Severity: CRITICAL

Suggested Fix

Update scripts/deployment/deploy-cloud-run.sh and scripts/deployment/one-click-deploy.sh to use Dockerfile instead of the non-existent Dockerfile.production. Also, remove any remaining references to Dockerfile.production in test files like tests/unit/test_security_fixes.py and documentation.

Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: .github/workflows/security.yml#L88

Potential issue: The PR removed `Dockerfile.production` but failed to update all
references to it. The deployment scripts `scripts/deployment/deploy-cloud-run.sh` (line
244) and `scripts/deployment/one-click-deploy.sh` (line 90) still attempt to build an
image using `docker build -f Dockerfile.production`. Since this file no longer exists,
any attempt to run these scripts for a production deployment will fail immediately with
a "path not found" error, blocking all Cloud Run deployments. While some tests and CI
workflows were updated, these critical deployment scripts were overlooked.

Did we get this right? 👍 / 👎 to inform future reviews.

uses: aquasecurity/trivy-action@master
with:
Expand Down
13 changes: 13 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,26 @@
# --- Jupyter ---
# --- Logs & Temp ---
# --- Project Specific ---
# --- Generated Reports & Data Dumps ---
CREDENTIALS_REPORT.json
IMPLEMENTATION_COMPLETE.md
autonomous_processing_report_*.json
comments_*.json
transcript_action_result.json
dashboard_test.html
# --- Loose root scripts (must live under src/, scripts/, or tools/) ---
/analyze_comments.py
/fetch_comments.py
/verify_enhancements.py
# --- Secrets (CRITICAL) ---
**/production-secrets.json
**/secrets.json
*.bak
*.cert
*.code-workspace
*.coverage
*.crt
*.egg-info/
*.db
*.gguf
*.ipynb
Expand Down
Loading
Loading