Merge branch 'PMM-2.0' into rnovikovP-patch-1PMM-12888-Tech-Preview]-…

…Patroni-Dashboard

.github/workflows/pmm2-ui-tests-fb.yml

@@ -192,7 +192,7 @@ jobs:
 
   rbac:
     name: RBAC UI tests
-    uses: percona/pmm-ui-tests/.github/workflows/pmm-ui-tests.yml@main
+    uses: percona/pmm-qa/.github/workflows/runner-e2e-tests-playwright.yml@main
     secrets: inherit
     with:
       pmm_ui_tests_branch: ${{ inputs.pmm_ui_branch || 'main '}}
@@ -246,7 +246,7 @@ jobs:
 
   tarball_install:
     name: Tarball Install test
-    uses: Percona-QA/package-testing/.github/workflows/pmm-package-test-fb.yml@master
+    uses: percona/pmm-qa/.github/workflows/package-test-fb.yml@main
     secrets: inherit
     with:
       package_testing_branch: 'master'
@@ -257,7 +257,7 @@ jobs:
 
   tarball_upgrade:
     name: Tarball Upgrade test
-    uses: Percona-QA/package-testing/.github/workflows/pmm-package-test-fb.yml@master
+    uses: percona/pmm-qa/.github/workflows/package-test-fb.yml@main
     secrets: inherit
     with:
       package_testing_branch: 'master'

.github/workflows/trivy_scan.yml

@@ -1,26 +1,24 @@
 name: Scan pmm server and client docker images
 
 on:
+  schedule:
+    - cron: '0 7 * * 1'
   workflow_dispatch:
     inputs:
       server_image:
         description: "pmm-server docker image"
-        required: true
+        required: false
+        default: perconalab/pmm-server:dev-latest
         type: string
       client_image:
         description: "pmm-client docker image"
-        required: true
-        type: string
-      sha:
-        description: "SHA of commit to update status on"
-        required: true
+        default: perconalab/pmm-client:dev-latest
+        required: false
         type: string
 
 jobs:
   scan:
     runs-on: ubuntu-latest
-    env:
-      SHA: ${{ github.event.inputs.sha || github.event.pull_request.head.sha || github.sha }}
 
     strategy:
       fail-fast: false
@@ -30,18 +28,6 @@ jobs:
           - image: ${{ inputs.client_image }}
 
     steps:
-      - name: Communicate action status back to the PR
-        uses: percona/gh-action-github-status-action@update-node
-        continue-on-error: true
-        with:
-          authToken: ${{ secrets.GITHUB_TOKEN }}
-          context: "${{ matrix.image }}"
-          description: "Trivy vulnerability scanning ${{ job.status }}"
-          state: "pending"
-          repository: ${{ github.repository }}
-          target_url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
-          sha: ${{ env.SHA }}
-
       - name: Set report filename
         run: |
           echo "REPORT=$(echo ${{ matrix.image }} | cut -d'/' -f2 | tr ':' '-')" >> $GITHUB_ENV
@@ -65,15 +51,14 @@ jobs:
           path: ${{ env.REPORT }}
           retention-days: 7
 
-      - name: Communicate action status back to the PR
-        if: always()
-        uses: percona/gh-action-github-status-action@update-node
-        continue-on-error: true
-        with:
-          authToken: ${{ secrets.GITHUB_TOKEN }}
-          context: "${{ matrix.image }}"
-          description: "Trivy vulnerability scanning ${{ job.status }}"
-          state: ${{ job.status }}
-          repository: ${{ github.repository }}
-          target_url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
-          sha: ${{ env.SHA }}
+      - name: Send Slack notification on failure
+        if: ${{ failure() }}
+        uses: percona/gh-action-action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_TOKEN }}
+          SLACK_USERNAME: "trivy scanner"
+          SLACK_ICON_EMOJI: ":squirrel:"
+          SLACK_COLOR: "#FF0000"
+          SLACK_TITLE: "CVE Scan failure"
+          SLACK_MESSAGE: "Failed CVE scan for ${{ matrix.image }}"
+          SLACK_FOOTER: "Please check the Actions URL ^"