From 6afd9ca4cca3458ae6293e1f828a117f43bb134d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20Garc=C3=ADa=20Crespo?= <jesus@sevein.com>
Date: Fri, 16 Aug 2024 07:21:58 +0000
Subject: [PATCH] Use inputs.scan in artifacts workflow

---
 .github/workflows/artifacts.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml
index 6e30070f..ec947b36 100644
--- a/.github/workflows/artifacts.yml
+++ b/.github/workflows/artifacts.yml
@@ -113,13 +113,13 @@ jobs:
 
       - name: Fetch image
         run: skopeo --insecure-policy copy docker://${{ steps.image-ref.outputs.value }} oci-archive:image.tar
-        if: inputs.publish
+        if: inputs.scan
 
       - name: Extract OCI tarball
         run: |
           mkdir -p image
           tar -xf image.tar -C image
-        if: inputs.publish
+        if: inputs.scan
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
@@ -128,10 +128,10 @@ jobs:
           format: sarif
           output: trivy-results.sarif
           timeout: 20m0s
-        if: inputs.publish
+        if: inputs.scan
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0
         with:
           sarif_file: trivy-results.sarif
-        if: inputs.publish
+        if: inputs.scan