Skip to content

CI: restrict docker-image-scan job to Polaris repo#4548

Merged
adutra merged 2 commits into
apache:mainfrom
adutra:docker-scan-restriction
May 27, 2026
Merged

CI: restrict docker-image-scan job to Polaris repo#4548
adutra merged 2 commits into
apache:mainfrom
adutra:docker-scan-restriction

Conversation

@adutra

@adutra adutra commented May 26, 2026

Copy link
Copy Markdown
Contributor

This job publishes security reports, it doesn't make sense to enable it in forks.

Checklist

  • 🛡️ Don't disclose security issues! (contact security@apache.org)
  • 🔗 Clearly explained why the changes are needed, or linked related issues: Fixes #
  • 🧪 Added/updated tests with good coverage, or manually tested (and explained how)
  • 💡 Added comments for complex logic
  • 🧾 Updated CHANGELOG.md (if needed)
  • 📚 Updated documentation in site/content/in-dev/unreleased (if needed)

Copilot AI review requested due to automatic review settings May 26, 2026 10:20
@github-project-automation github-project-automation Bot moved this to PRs In Progress in Basic Kanban Board May 26, 2026
snazy
snazy previously approved these changes May 26, 2026
@github-project-automation github-project-automation Bot moved this from PRs In Progress to Ready to merge in Basic Kanban Board May 26, 2026
@adutra adutra enabled auto-merge (squash) May 26, 2026 10:27

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Restricts when the docker-image-scan GitHub Actions job runs, aiming to avoid publishing security reports from forked repositories.

Changes:

  • Adds a job-level if: condition to gate execution of docker-image-scan based on the repository owner.

Comment thread .github/workflows/ci.yml
@adutra adutra force-pushed the docker-scan-restriction branch from 29f4681 to 5c3ed79 Compare May 27, 2026 10:40
@adutra adutra merged commit 00a8632 into apache:main May 27, 2026
23 checks passed
@github-project-automation github-project-automation Bot moved this from Ready to merge to Done in Basic Kanban Board May 27, 2026
MonkeyCanCode pushed a commit to MonkeyCanCode/polaris that referenced this pull request Jun 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants