fix: refine conditions for security scan and test jobs in Docker workflow

GitHub Actions
2026-02-08 02:53:51 +00:00
parent 5ab66ddbc1
commit 44b66361e0
2 changed files with 4 additions and 2 deletions


@@ -169,6 +169,8 @@ The task is not complete until ALL of the following pass with zero issues:
6. **Linting**: All language-specific linters must pass
7: **Provide Detailed Commit Message**: Write a comprehensive commit message following the format and rules outlined in `.github/instructions/commit-message.instructions.md`. The message must be meaningful without viewing the diff and should explain the behavior changes, reasons for the change, and any important side effects or considerations.
**Your Role**: You delegate implementation to subagents, but YOU are responsible for verifying they completed the Definition of Done. Do not accept "DONE" from a subagent until you have confirmed they ran coverage tests, type checks, and security scans explicitly.
**Critical Note**: Leaving this unfinished prevents commit, push, and leaves users open to security concerns. All issues must be fixed regardless of whether they are unrelated to the original task. This rule must never be skipped. It is non-negotiable anytime any bit of code is added or changed.


@@ -601,7 +601,7 @@ jobs:
scan-pr-image:
name: Security Scan PR Image
needs: build-and-push
if: needs.build-and-push.outputs.skip_build != 'true' && env.TRIGGER_EVENT == 'pull_request'
if: needs.build-and-push.outputs.skip_build != 'true' && (github.event_name == 'workflow_run' && github.event.workflow_run.event == 'pull_request')
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
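Review bot: The new `if` on `scan-pr-image` limits the job to `workflow_run` runs, which execute with the base repository's token and secrets even when the upstream run came from a fork pull request, and it does not check `github.event.workflow_run.conclusion`. If no earlier job already gates on it, consider appending `&& github.event.workflow_run.conclusion == 'success'` so a failed or cancelled upstream build is not scanned as though it had produced a valid image. The `permissions:` block opens on the last line of the hunk and its entries are outside it, so confirm it grants only what the scan needs, since the image under scan is PR-controlled content. A one-line comment above the `if`, such as `# env context is not available in job-level if; use github.event instead`, would record why `env.TRIGGER_EVENT` was replaced.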
@@ -694,7 +694,7 @@ jobs:
name: Test Docker Image
needs: build-and-push
runs-on: ubuntu-latest
if: needs.build-and-push.outputs.skip_build != 'true' && env.TRIGGER_EVENT != 'pull_request'
if: needs.build-and-push.outputs.skip_build != 'true' && (github.event_name != 'workflow_run' || github.event.workflow_run.event != 'pull_request')
env:
# Required for security teardown in integration tests
CHARON_EMERGENCY_TOKEN: ${{ secrets.CHARON_EMERGENCY_TOKEN }}
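Review bot: The `if` on this job excludes a single case (`workflow_run` from `pull_request`) instead of naming the events allowed to run it, yet the job exports `secrets.CHARON_EMERGENCY_TOKEN` through `env`. Any other upstream value, for example a `workflow_run` whose `event` is `pull_request_target`, would satisfy the condition and reach the secret; so would a direct `pull_request` trigger if the workflow declares one (the triggers are outside the hunk). If push builds are the intended case, an allow-list for the second clause would be safer, e.g. `(github.event_name == 'push' || (github.event_name == 'workflow_run' && github.event.workflow_run.event == 'push'))`, adjusted to the events the workflow actually declares. The job body continues past the end of the hunk.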