From 94956128fa283dc6d6eaedbf85a5c77bf06ddc65 Mon Sep 17 00:00:00 2001
From: Timo Furrer <tfurrer@gitlab.com>
Date: Tue, 23 Jan 2024 11:27:28 +0100
Subject: [PATCH] Add container scanning include rules

---
 .gitlab-ci.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 21cd672..4cd810f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -22,6 +22,13 @@ include:
       analyzer_image: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6"
       # FIXME: why do I have to set this, this is weird ...
       force_run: true
+    rules:
+      - changes:
+          - Dockerfile
+          - .gitlab-ci.yml
+          - src/gitlab-tofu.sh
+      - if: $CI_COMMIT_TAG
+      - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 stages:
   - build
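Review bot: The `changes:` list in the added `rules:` block is a fixed allow-list of three paths, so on branch pipelines that match neither `if:` rule the container scan is skipped whenever the image is altered through any other file. Whether the Dockerfile copies anything besides `src/gitlab-tofu.sh` is not visible in this hunk, so this is a point to confirm rather than a confirmed gap. Since a skipped scan fails silently, I would document the coupling above the list, for example `# Scan only when image inputs change; keep in sync with every path the Dockerfile copies into the image.` The `include:` entry these rules attach to starts above the hunk, so that they gate the container-scanning include is inferred from the `analyzer_image` context line.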
-- 
GitLab