Adding fail on scan

2025-03-04 15:15:06 +05:30 · 2025-03-04 15:15:06 +05:30 · 91845516ad
commit 91845516ad
parent 16f8a4f21f
2 changed files with 5 additions and 1 deletions
--- a/.github/workflows/base-build-image.yml
+++ b/.github/workflows/base-build-image.yml
@ -6,6 +6,9 @@ on:
      image_tag:
        required: true
        type: string
+      fail_on_scan:
+        default: true
+        type: boolean

 jobs:
  docker-build-and-push:
@ -52,7 +55,7 @@ jobs:
        output-format: table
        only-fixed: true
        severity-cutoff: critical
-        fail-build: true
+        fail-build: ${{ inputs.fail_on_scan }}

    - name: Push the container image
      run: docker push ${{ steps.get-id.outputs.DOCKER_IMAGE }}
--- a/repo-template/baseimage-repo/base-build-image.yml
+++ b/repo-template/baseimage-repo/base-build-image.yml
@ -15,4 +15,5 @@ jobs:
    secrets: inherit
    with:
      image_tag: ${{ github.ref_name }}-v1 #Generally becomes basin:node-22-dev-v1
+      fail_on_scan: true
      #To be updated in the code repo as per requirement