Skip to content

ci(scorecard): trigger on release completion, not every main push#42

Merged
aksOps merged 1 commit intomainfrom
ci-scorecard-on-release-only
Apr 23, 2026
Merged

ci(scorecard): trigger on release completion, not every main push#42
aksOps merged 1 commit intomainfrom
ci-scorecard-on-release-only

Conversation

@aksOps
Copy link
Copy Markdown
Contributor

@aksOps aksOps commented Apr 23, 2026

Re-points scorecard from push: branches: [main] to workflow_run on release completion. Most merges don't change scorecard-visible state; scanning every one just burned runner time and published stale reports. Also adds workflow_dispatch for on-demand manual scans. Weekly Monday cron stays as a backstop.

@aksOps @claude
ci(scorecard): trigger after release completion, not every main push
6dea8a1 
- Adds workflow_run: on release completion → scorecard scans the
  fresh release artifacts right after they land, so Signed-Releases
  and Packaging checks see current state.
- Adds workflow_dispatch for manual re-scans.
- Removes push:branches:[main] — most commits don't change scorecard-
  visible state; scanning on every merge just burned runner time
  and published stale reports.
- Keeps the weekly Monday schedule as a backstop.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@aksOps aksOps enabled auto-merge (squash) April 23, 2026 04:41
@aksOps aksOps merged commit 7d21e6c into main Apr 23, 2026
12 checks passed
@aksOps aksOps deleted the ci-scorecard-on-release-only branch April 23, 2026 04:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aksOps