fix: GSSA inputs and version update#467
Merged
mkolasinski-splunk merged 25 commits intomainfrom Feb 25, 2026
Merged
Conversation
### Description Small update README to reflect that the job can also be triggered by adding the execute_gs_scorecard label to a pull request. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here)
### Description add check splunktafunctionaltests exists lookup to dev_deps https://github.com/splunk/splunk-add-on-for-amazon-web-services/actions/runs/21622988369 ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here)
…#462) ### Description Added new optional inputs for gs-image-version and gs-version to the reusable build-test-release workflow, allowing for more flexible version control of the GS scorecard Docker image and the scorecard itself. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Description (PR description goes here) ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done (for each selected checkbox, the corresponding test results link should be listed here)
### Description This PR increases the timeout for the btool-check step in the reusable workflow from 10 minutes to 20 minutes. Solution: Increasing the timeout to 20 minutes provides sufficient time for the Splunk environment to initialize and the btool check to complete ### Testing done Successful Run : https://github.com/splunk/splunk-add-on-for-salesforce/actions/runs/21819515317
### Description Fix scheduled runs incorrectly executing on all supported Splunk versions.
### Description This change updates the default version of the GSSA Docker image and introduces a step to display the generated output. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [ ] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done https://github.com/splunk/splunk-add-on-for-ibm-websphere-application-server/actions/runs/21909552333/job/63259720448
### Description Start passing or failing GSSA job. Release is still not dependant on it. ### Checklist - [ ] `README.md` has been updated or is not required - [ ] push trigger tests - [ ] manual release test - [ ] automated releases test - [x] pull request trigger tests - [ ] schedule trigger tests - [ ] workflow errors/warnings reviewed and addressed ### Testing done https://github.com/splunk/splunk-add-on-for-ibm-websphere-application-server/actions/runs/22131613911
mkolasinski-splunk
changed the title
dkaras-splunk
previously approved these changes
Feb 19, 2026
…in (#468) ## Summary - GSSA now only executes when the `execute_gs_scorecard` label is applied (no longer auto-runs on PRs to main) - For PRs targeting `main`, GSSA must have completed (pass or fail) before the PR can merge -- if skipped, `pre-publish` blocks with a clear error annotation and step summary message - Push to `main` continues to auto-run GSSA - Push to `develop`/`release/*`, schedule, and dispatch no longer run GSSA ## Changes ### `setup-workflow` job - Removed `execute_gs_scorecard` from `TESTS_TO_CONSIDER_FOR_EXECUTION` (no longer auto-enabled by branch/event logic) - Added explicit GSSA control after the `esac`: enables only when label is present (any PR) or on push to main ### `pre-publish` job - Added `run-gs-scorecard` to the `needs` list - Added a check: if the event is a PR to `main` and GSSA result is `skipped`, outputs `::error::` annotation, writes to `$GITHUB_STEP_SUMMARY`, and sets `run-publish=false` - Modified the existing jq filter to exclude `run-gs-scorecard` via `del(.["run-gs-scorecard"])` so GSSA failure doesn't block other checks ## Test results Tested on [splunk/splunk-add-on-for-ibm-websphere-application-server PR #388](splunk/splunk-add-on-for-ibm-websphere-application-server#388): | Test | Workflow Run | Result | |---|---|---| | PR to main **without** label — GSSA should be skipped, pre-publish should block | [Run #22358328636](https://github.com/splunk/splunk-add-on-for-ibm-websphere-application-server/actions/runs/22358328636) | PASS — GSSA skipped, pre-publish set `run-publish=false` with error annotation | | PR to main **with** `execute_gs_scorecard` label — GSSA should run, pre-publish should proceed | [Run #22370270246](https://github.com/splunk/splunk-add-on-for-ibm-websphere-application-server/actions/runs/22370270246) | PASS — GSSA ran (failed), pre-publish succeeded (result ignored) | JIRA: [ADDON-85652](https://splunk.atlassian.net/browse/ADDON-85652)
dkaras-splunk
approved these changes
Feb 25, 2026
|
🎉 This PR is included in version 5.2.3 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
fix: update GSSA default image version
fix: add pass/fail for GSSA job
fix: scheduled workflows only on latest Splunk
feat: add inputs for GSSA and GS standard versions
Checklist
README.mdhas been updated or is not requiredTesting done
https://github.com/splunk/splunk-add-on-for-microsoft-windows/pull/575
https://github.com/splunk/splunk-add-on-for-google-cloud-platform/pull/917
https://github.com/splunk/splunk-add-on-for-okta-identity-cloud/pull/412