From 3b45ddafa46bceeab6775d451d40efdedc532ad4 Mon Sep 17 00:00:00 2001
From: Sam Ainsworth <samuel.ainsworth@digital.justice.gov.uk>
Date: Fri, 17 Nov 2023 11:52:38 +0000
Subject: [PATCH] UML-3187 Fail on critical CVEs (#2434)

* UML-3187 Fail on critical CVEs
---
 scripts/pipeline/check_ecr_scan_results/aws_ecr_scan_results.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/pipeline/check_ecr_scan_results/aws_ecr_scan_results.py b/scripts/pipeline/check_ecr_scan_results/aws_ecr_scan_results.py
index 09c73c3010..9b8bef0a42 100755
--- a/scripts/pipeline/check_ecr_scan_results/aws_ecr_scan_results.py
+++ b/scripts/pipeline/check_ecr_scan_results/aws_ecr_scan_results.py
@@ -196,7 +196,7 @@ def ci_check_and_output(self, report):
         for severity, count in severity_dict.items():
             print(f"{severity}: {count}")
 
-        if severity_dict["HIGH"] > 0 or severity_dict["CRITICAL"] > 0:
+        if severity_dict["CRITICAL"] > 0:
             print("Failing the build. Please fix security vulnerabilities")
             exit(1)