From 41231dcd73c8e1d0911bd33e35a539d388222bab Mon Sep 17 00:00:00 2001
From: Brad Lugo
Date: Thu, 21 Dec 2023 10:43:14 -0800
Subject: [PATCH] Move sanity-check-vuln-updates job
---
 .../workflows/sanity-check-vuln-updates.yaml | 23 +++++++++++++++++++
 scripts/ci/lib.sh | 2 +-
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/sanity-check-vuln-updates.yaml
diff --git a/.github/workflows/sanity-check-vuln-updates.yaml b/.github/workflows/sanity-check-vuln-updates.yaml
new file mode 100644
index 000000000..ef6fbdee8
--- /dev/null
+++ b/.github/workflows/sanity-check-vuln-updates.yaml
@@ -0,0 +1,23 @@
+name: Vulnerability updates sanity check
+on:
+ schedule:
+ - cron: '5 0,4,8,12,16,20 * * *'
+
+jobs:
+ sanity-check-vuln-updates:
+ env:
+ SLACK_WEBHOOK_ONCALL: ${{ secrets.SLACK_ONCALL_SCANNER_WEBHOOK }}
+ runs-on: ubuntu-latest
+ container:
+ image: quay.io/stackrox-io/apollo-ci:scanner-test-0.3.61
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ ref: ${{ github.event.pull_request.head.sha }}
+
+ - uses: ./.github/actions/job-preamble
+
+ - name: sanity-check-vuln-updates
+ run: ./scripts/ci/jobs/sanity-check-vuln-updates.sh
\ No newline at end of file
diff --git a/scripts/ci/lib.sh b/scripts/ci/lib.sh
index 31a5b41f7..bc2fe93de 100755
--- a/scripts/ci/lib.sh
+++ b/scripts/ci/lib.sh
@@ -772,7 +772,7 @@ send_slack_notice_for_failures_on_merge() {
 }
 send_slack_notice_for_vuln_check_failure() {
- if ! is_OPENSHIFT_CI; then
+ if ! is_OPENSHIFT_CI && ! ! is_GITHUB_ACTIONS; then
 return 0
 fi
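Review bot: In .github/workflows/sanity-check-vuln-updates.yaml, `SLACK_WEBHOOK_ONCALL` is set in the job-level `env:`, which exposes the webhook secret to every step, including checkout and the job-preamble action, rather than only to the step that sends the notice. If only the last step reads it, move the `env:` mapping under `- name: sanity-check-vuln-updates`. The workflow also declares no `permissions:`, so the token gets the repository default; a top-level `permissions:` with `contents: read` looks sufficient for a job that only checks out and runs a script. Under a `schedule` trigger `github.event.pull_request.head.sha` is empty, so the `ref:` line can be dropped.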
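Review bot: In scripts/ci/lib.sh, the new guard `if ! is_OPENSHIFT_CI && ! ! is_GITHUB_ACTIONS; then` carries a doubled `!`, so the second test is true when the job does run under GitHub Actions and the function returns before sending anything. That is the environment this commit moves the check into, so a failed vulnerability-update check would go unreported to on-call. The guard presumably should read `if ! is_OPENSHIFT_CI && ! is_GITHUB_ACTIONS; then`; is_GITHUB_ACTIONS is defined outside the hunk, so this assumes it returns success under Actions. The body of send_slack_notice_for_vuln_check_failure continues past the end of the hunk.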