Skip slim docker image for release-ballerina

RadCod3 · RadCod3 · commit 7eda118b732a · 2026-02-25T18:07:02.000+05:30
diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml
@@ -23,6 +23,11 @@ on:
         description: "Human-readable image title for OCI labels (e.g., AFM Ballerina Interpreter)"
         required: true
         type: string
+      build_slim:
+        description: "Whether to build and push a slim image variant"
+        required: false
+        default: false
+        type: boolean
 
 jobs:
   docker:
@@ -85,6 +90,7 @@ jobs:
             index:org.opencontainers.image.licenses=Apache-2.0
 
       - name: Build and push slim image
+        if: ${{ inputs.build_slim }}
         uses: docker/build-push-action@v5
         with:
           context: ${{ inputs.context }}
@@ -120,7 +126,7 @@ jobs:
           category: "trivy-full"
 
       - name: Scan slim Docker image for vulnerabilities
-        if: always()
+        if: ${{ always() && inputs.build_slim }}
         uses: aquasecurity/trivy-action@0.34.0
         with:
           image-ref: ${{ steps.docker-tags.outputs.FULL_IMAGE }}:v${{ inputs.version }}-slim
@@ -132,7 +138,7 @@ jobs:
 
       - name: Upload slim image Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v4
-        if: always()
+        if: ${{ always() && inputs.build_slim }}
         with:
           sarif_file: "trivy-results-slim.sarif"
           category: "trivy-slim"
diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml
@@ -4,16 +4,16 @@ on:
   workflow_dispatch:
     inputs:
       package:
-        description: 'Python package to release'
+        description: "Python package to release"
         required: true
         type: choice
         options:
           - afm-core
           - afm-langchain
       branch:
-        description: 'Branch to release from'
+        description: "Branch to release from"
         required: false
-        default: 'main'
+        default: "main"
         type: string
 
 concurrency:
@@ -121,11 +121,11 @@ jobs:
   pypi-publish:
     needs: [validate, test, docker]
     if: >-
-          !cancelled()
-          && needs.validate.result == 'success'
-          && needs.test.result == 'success'
-          && (needs.docker.result == 'success'
-            || needs.docker.result == 'skipped')
+      !cancelled()
+      && needs.validate.result == 'success'
+      && needs.test.result == 'success'
+      && (needs.docker.result == 'success'
+        || needs.docker.result == 'skipped')
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
@@ -181,18 +181,19 @@ jobs:
       version: ${{ needs.validate.outputs.release_version }}
       branch: ${{ inputs.branch }}
       image_title: AFM LangChain Interpreter
+      build_slim: false
     permissions:
       packages: write
       security-events: write
 
   finalize:
     needs: [validate, pypi-publish, docker]
     if: >-
-          !cancelled()
-          && needs.validate.result == 'success'
-          && needs.pypi-publish.result == 'success'
-          && (needs.docker.result == 'success'
-            || needs.docker.result == 'skipped')
+      !cancelled()
+      && needs.validate.result == 'success'
+      && needs.pypi-publish.result == 'success'
+      && (needs.docker.result == 'success'
+        || needs.docker.result == 'skipped')
     uses: ./.github/workflows/release-finalize.yml
     with:
       tag: ${{ needs.validate.outputs.tag }}
@@ -207,9 +208,9 @@ jobs:
   bump-version:
     needs: [validate, finalize]
     if: >-
-          !cancelled()
-          && needs.validate.result == 'success'
-          && needs.finalize.result == 'success'
+      !cancelled()
+      && needs.validate.result == 'success'
+      && needs.finalize.result == 'success'
     runs-on: ubuntu-latest
     permissions:
       contents: write
