Skip to content

Commit e1876d7

Browse files
anthony-nhsanthony-nhs
committed
do not error on vulns for dependabot
1 parent 50127ef commit e1876d7

2 files changed

Lines changed: 9 additions & 0 deletions

File tree

.github/workflows/quality-checks-devcontainer.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -151,19 +151,23 @@ jobs:
151151

152152
- name: Check python vulnerabilities
153153
if: ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
154+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
154155
run: |
155156
make trivy-scan-python
156157
157158
- name: Check node vulnerabilities
158159
if: ${{ steps.check_languages.outputs.uses_node == 'true' }}
160+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
159161
run: |
160162
make trivy-scan-node
161163
- name: Check go vulnerabilities
162164
if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
165+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
163166
run: |
164167
make trivy-scan-go
165168
- name: Check java vulnerabilities
166169
if: ${{ steps.check_languages.outputs.uses_java == 'true' }}
170+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
167171
run: |
168172
make trivy-scan-java
169173
- name: Show vulnerability output
@@ -304,6 +308,7 @@ jobs:
304308
DOCKER_IMAGE: ${{ matrix.docker_image }}
305309

306310
- name: Check docker vulnerabilities
311+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
307312
run: |
308313
make trivy-scan-docker
309314
env:

.github/workflows/quality-checks.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -264,6 +264,7 @@ jobs:
264264

265265
- name: Check python vulnerabilities
266266
if: ${{ always() && steps.check_languages.outputs.uses_poetry == 'true'}}
267+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
267268
uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
268269
with:
269270
scan-type: "fs"
@@ -277,6 +278,7 @@ jobs:
277278
trivy-config: trivy.yaml
278279
- name: Check node vulnerabilities
279280
if: ${{ always() && steps.check_languages.outputs.uses_node == 'true' }}
281+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
280282
uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
281283
with:
282284
scan-type: "fs"
@@ -290,6 +292,7 @@ jobs:
290292
trivy-config: trivy.yaml
291293
- name: Check go vulnerabilities
292294
if: ${{ always() && steps.check_languages.outputs.uses_go == 'true' }}
295+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
293296
uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
294297
with:
295298
scan-type: "fs"
@@ -302,6 +305,7 @@ jobs:
302305
exit-code: "1"
303306
- name: Check java vulnerabilities
304307
if: ${{ always() && steps.check_languages.outputs.uses_java == 'true' }}
308+
continue-on-error: ${{ github.actor == 'dependabot[bot]' }}
305309
uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
306310
with:
307311
scan-type: "fs"

0 commit comments

Comments
 (0)