From 263cdc712c61c5e962c31373a9e9e6687e445eec Mon Sep 17 00:00:00 2001
From: Martin Buchleitner <mabunixda@gmail.com>
Date: Fri, 6 Dec 2024 08:07:08 +0100
Subject: [PATCH] fix: no mondoo scan if token is not available

Signed-off-by: Martin Buchleitner <mabunixda@gmail.com>
---
 .github/workflows/container.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 1da3012..f81896e 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -54,6 +54,9 @@ on:
         type: string
         default: ''
 
+env:
+  MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SERVICE_ACCOUNT }}
+
 jobs:
 
   pre-commit:
@@ -120,7 +123,6 @@ jobs:
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
-
     - name: Build Container Image
       id: docker_build
       uses: docker/build-push-action@v5
@@ -132,9 +134,8 @@ jobs:
         build-args: ${{ inputs.build_args }}
 
     - name: Scan Docker Image
+      if: env.MONDOO_CONFIG_BASE64 != ''
       uses: mondoohq/actions/docker-image@v11.0.0
-      env:
-          MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SERVICE_ACCOUNT }}
       with:
           image: ${{ steps.prep.outputs.ghcr_tag }}
           score-threshold: ${{ inputs.score }}