Change monitor action run always

GitHubSecurityLab / actions-permissions

GitHub token permissions Monitor and Advisor actions

MIT License

256 stars 20 forks source link

Change monitor action run always #3

Closed nowsprinting closed 1 year ago

nowsprinting commented 1 year ago

Changed the 'post-if' condition in 'monitor/action.yml' from 'success()' to 'always()'. This change ensures that the post-workflow actions are executed in all scenarios, not only when the main steps are successful.

Some workflows also have permissions used by steps that only run on failure (such as notifications) because I want to collect these.

JarLob commented 1 year ago

Thanks for the PR. I see... The reason I made it on success was that if something has failed - it has incomplete log of calls and the recommending permissions may be misleading.

nowsprinting commented 1 year ago

Thanks!

it has incomplete log of calls and the recommending permissions may be misleading.

I see. That is true even when successful. For example, if we could annex coverage of the number of steps performed, regardless of success or failure, it might reduce misreading.