check rclone failure explicitly

domsolutions · domsolutions · commit 9e4001d1e602 · 2025-10-22T09:11:12.000+01:00
diff --git a/.github/workflows/security_tests_v1.yml b/.github/workflows/security_tests_v1.yml
@@ -278,10 +278,18 @@ jobs:
         echo "RCLONE_IMAGE_TAG=$RCLONE_IMAGE_TAG" >> $GITHUB_ENV
         make IMAGE_TAG=$RCLONE_IMAGE_TAG docker-build
     - name: Scan rclone
+      id: scan-rclone
       uses: snyk/actions/docker@master
       env:
         SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
       with:
         image: ${{ env.RCLONE_IMAGE_TAG}}
 #        TODO fix, passes even if CVEs found
         args: --fail-on=upgradable --app-vulns --severity-threshold=high --file=components/rclone-storage-initializer/Dockerfile
+    - name: Check for image scan failures
+      if: always()
+      run: |
+        if [ "${{ steps.scan-rclone.outcome }}" != "success" ]; then
+          echo "Rclone docker image scan failed"
+          exit 1
+        fi    
