gitlab-ci: only trigger safety job if API key is present

2024-11-10 17:30:11 +01:00 · 2024-09-04 16:09:44 +02:00 · 2024-09-04 16:09:44 +02:00 · b669ce654d
commit b669ce654d
parent 3c03fef28f
1 changed files with 10 additions and 7 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -262,18 +262,21 @@ lint_format_bandit_checks:
 # so important to scan that kind of install in CI.
 # https://docs.safetycli.com/safety-docs/installation/gitlab
 safety:
-  only:
-    changes:
-      - .gitlab-ci.yml
-      - .safety-policy.yml
-      - pyproject.toml
-      - setup.py
  image: debian:bookworm-slim
+  rules:
+    # once only:/changes: are ported to rules:, this could be removed:
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "push" && $SAFETY_API_KEY
+      changes:
+        - .gitlab-ci.yml
+        - .safety-policy.yml
+        - pyproject.toml
+        - setup.py
  <<: *apt-template
  variables:
    LANG: C.UTF-8
  script:
-    - test -n "$SAFETY_API_KEY" || exit 0
    - apt-get install
        fdroidserver
        python3-biplist