Commit 4e2283d
committed
fix: gracefully skip security scan when build artifact is absent
When docker-build.yml skips the build for renovate/chore PRs, no
docker image artifact is uploaded. Previously, security-pr.yml would
crash with reason_category=not_found when the artifact was missing,
treating an intentional skip as a hard failure.
The fix distinguishes "artifact not found" from API errors: missing
artifacts now set artifact_exists=false and exit cleanly. The download
and image-load steps are guarded by this output, so the entire artifact
path is skipped gracefully. Downstream scan steps were already gated
on artifact_exists==true, so no further changes are needed.
Renovate dependency PRs will now produce a passing (no-op) security
scan job rather than a failed one.1 parent dc96507 commit 4e2283d
1 file changed
Lines changed: 6 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
226 | 226 | | |
227 | 227 | | |
228 | 228 | | |
229 | | - | |
230 | | - | |
| 229 | + | |
| 230 | + | |
231 | 231 | | |
232 | 232 | | |
233 | | - | |
| 233 | + | |
| 234 | + | |
234 | 235 | | |
235 | 236 | | |
236 | 237 | | |
| |||
241 | 242 | | |
242 | 243 | | |
243 | 244 | | |
244 | | - | |
| 245 | + | |
245 | 246 | | |
246 | 247 | | |
247 | 248 | | |
| |||
250 | 251 | | |
251 | 252 | | |
252 | 253 | | |
253 | | - | |
| 254 | + | |
254 | 255 | | |
255 | 256 | | |
256 | 257 | | |
| |||
0 commit comments