Skip to content

Commit 9393ebb

Browse files
authored
ci: guard CVE/license scanning workflows to canonical repo (finos#2753)
Forks lack NVD_API_KEY and other secrets, causing consistent twice-daily failures that are infrastructure noise rather than real findings.
1 parent c4f983c commit 9393ebb

4 files changed

Lines changed: 4 additions & 0 deletions

File tree

.github/workflows/cve-scanning-maven.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ on:
2020

2121
jobs:
2222
depchecktest:
23+
if: github.repository == 'finos/architecture-as-code'
2324
runs-on: ubuntu-latest
2425
strategy:
2526
matrix:

.github/workflows/cve-scanning-node.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ on:
2424
jobs:
2525
node-modules-scan:
2626
name: ${{ matrix.module-folder }}-node-scan
27+
if: github.repository == 'finos/architecture-as-code'
2728
runs-on: ubuntu-latest
2829
environment:
2930
name: code-scan

.github/workflows/license-scanning-maven.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ env:
1717

1818
jobs:
1919
scan:
20+
if: github.repository == 'finos/architecture-as-code'
2021
runs-on: ubuntu-latest
2122
strategy:
2223
matrix:

.github/workflows/license-scanning-node.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ on:
1414

1515
jobs:
1616
scan:
17+
if: github.repository == 'finos/architecture-as-code'
1718
runs-on: ubuntu-latest
1819
strategy:
1920
matrix:

0 commit comments

Comments
 (0)