fix(ci): only scan on master branch (#7047)

2025-11-04 04:39:10 +00:00 · 2023-01-16 21:04:37 +05:30 · 2023-01-16 21:04:37 +05:30 · 16c41b4778
commit 16c41b4778
parent 5951379e4c
1 changed files with 5 additions and 0 deletions
--- a/.github/workflows/docker-unified.yml
+++ b/.github/workflows/docker-unified.yml
@ -88,6 +88,7 @@ jobs:
          file: ./docker/datahub-gms/Dockerfile
          platforms: linux/amd64,linux/arm64
  gms_scan:
+    if: github.ref_name == 'master'
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
@ -148,6 +149,7 @@ jobs:
          file: ./docker/datahub-mae-consumer/Dockerfile
          platforms: linux/amd64,linux/arm64
  mae_consumer_scan:
+    if: github.ref_name == 'master'
    name: "[Monitoring] Scan MAE consumer images for vulnerabilities"
    runs-on: ubuntu-latest
    needs: [setup, mae_consumer_build]
@ -208,6 +210,7 @@ jobs:
          file: ./docker/datahub-mce-consumer/Dockerfile
          platforms: linux/amd64,linux/arm64
  mce_consumer_scan:
+    if: github.ref_name == 'master'
    name: "[Monitoring] Scan MCE consumer images for vulnerabilities"
    runs-on: ubuntu-latest
    needs: [setup, mce_consumer_build]
@ -268,6 +271,7 @@ jobs:
          file: ./docker/datahub-upgrade/Dockerfile
          platforms: linux/amd64,linux/arm64
  datahub_upgrade_scan:
+    if: github.ref_name == 'master'
    name: "[Monitoring] Scan DataHub Upgrade images for vulnerabilities"
    runs-on: ubuntu-latest
    needs: [setup, datahub_upgrade_build]
@ -327,6 +331,7 @@ jobs:
          file: ./docker/datahub-frontend/Dockerfile
          platforms: linux/amd64,linux/arm64
  frontend_scan:
+    if: github.ref_name == 'master'
    name: "[Monitoring] Scan Frontend images for vulnerabilities"
    runs-on: ubuntu-latest
    needs: [setup, frontend_build]