Fix scan job configuration (#254)

Signed-off-by: Ignasi Barrera <[email protected]>
istio-ecosystem · Apr 22, 2024 · 3b67f32 · 3b67f32
1 parent d63df82
commit 3b67f32
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
@@ -51,7 +51,11 @@ jobs:
         id: scan
         with:
           image: local/authservice:scan-amd64
+          # Only fail the build on PRs. Do not fail the build on the scheduled run, to let the workflow
+          # continue and have the report uploaded.
+          fail-build: ${{ github.event_name != 'schedule' }}
       - run: cat ${{ steps.scan.outputs.sarif }}
+        if: always()  # Always print the report to the stdout.
       # Do not upload the security advisories on every commit or pull request.
       # Upload the security advisories only for the nightly scans.
       - uses: github/codeql-action/upload-sarif@v3