Only login to Docker Hub when pushing on master branch

TrafeX · TrafeX · commit 302cf16dccfc · 2021-12-29T08:29:18.000+01:00
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -38,7 +38,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: '${{ env.IMAGE_NAME }}:${{ github.sha }}'
+          image-ref: '${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}'
           format: 'template'
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'
@@ -49,6 +49,7 @@ jobs:
           sarif_file: 'trivy-results.sarif'
 
       - name: Login to Docker Hub
+        if: github.ref == 'refs/heads/master' && github.event_name == 'push'
         uses: docker/login-action@v1
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
