Make the scanning method optional. (#580)

Signed-off-by: zepan <[email protected]>
opea-project · Sep 2, 2024 · ae71eee · ae71eee
1 parent 84a7e57
commit ae71eee
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/.github/workflows/manual-bom-scan.yml b/.github/workflows/manual-bom-scan.yml
@@ -15,6 +15,16 @@ on:
         description: "Tag to apply to images"
         required: true
         type: string
+      sbom-scan:
+        default: true
+        description: "Enable sbom-scan"
+        required: false
+        type: boolean
+      trivy-scan:
+        default: true
+        description: "Enable trivy-scan"
+        required: false
+        type: boolean
 
 permissions: read-all
 jobs:
@@ -55,15 +65,15 @@ jobs:
 
       - name: SBOM Scan Container
         uses: anchore/[email protected]
-        if: always()
+        if: ${{ fromJSON(inputs.sbom-scan) }}
         with:
           image: ${{ env.OPEA_IMAGE_REPO }}opea/${{ matrix.image }}:${{ inputs.tag }}
           output-file: ${{ matrix.image }}-sbom-scan.txt
           format: "spdx-json"
 
       - name: Security Scan Container
         uses: aquasecurity/[email protected]
-        if: always()
+        if: ${{ fromJSON(inputs.trivy-scan) }}
         with:
           image-ref: ${{ env.OPEA_IMAGE_REPO }}opea/${{ matrix.image }}:${{ inputs.tag }}
           output: ${{ matrix.image }}-trivy-scan.txt