Policies & Blocking
Sttor Containers supports flexible gating (“fail the job”) based on policy thresholds.
Blocking Inputs
- block-on-critical: fail if the number of critical vulnerabilities exceeds the threshold (e.g., 0)
- block-on-high: fail if the combined number of high and critical vulnerabilities exceeds the threshold (e.g., 10)
- block-on-any: fail if any vulnerability exists (true/false)
- block-on-secrets: fail if any secrets are detected (true/false)
Blocking Behavior
When a policy triggers, the action exits with a non-zero code and the GitHub Actions job fails.
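The gating rules above, worked through as an added example (not Sttor's own code): it shows that "exceeds" is a strict comparison and that block-on-high counts high and critical together. The `Policy` class, the `evaluate` function, the summary format, treating an unset threshold as "gate disabled", and the exit code value 1 are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Policy:
    # Field names mirror the inputs listed on this page.
    # Assumption: None / False means the gate is not configured.
    block_on_critical: Optional[int] = None
    block_on_high: Optional[int] = None
    block_on_any: bool = False
    block_on_secrets: bool = False

def evaluate(policy, counts, secrets):
    """Return a list describing every gate that the scan summary triggers."""
    critical = counts.get("critical", 0)
    high_plus = counts.get("high", 0) + critical  # block-on-high is high+critical
    total = sum(counts.values())
    hits = []
    if policy.block_on_critical is not None and critical > policy.block_on_critical:
        hits.append(f"block-on-critical: {critical} > {policy.block_on_critical}")
    if policy.block_on_high is not None and high_plus > policy.block_on_high:
        hits.append(f"block-on-high: {high_plus} > {policy.block_on_high}")
    if policy.block_on_any and total > 0:
        hits.append(f"block-on-any: {total} vulnerabilities")
    if policy.block_on_secrets and secrets > 0:
        hits.append(f"block-on-secrets: {secrets} secrets")
    return hits

def exit_code(hits):
    # The page only says "non-zero"; 1 is an assumed value.
    return 1 if hits else 0

# Constructed scan summary (hypothetical format), not real tool output.
SAMPLE_COUNTS = {"critical": 1, "high": 9, "medium": 14, "low": 30}
SAMPLE_SECRETS = 0

if __name__ == "__main__":
    policy = Policy(block_on_critical=0, block_on_high=10)
    hits = evaluate(policy, SAMPLE_COUNTS, SAMPLE_SECRETS)
    for hit in hits:
        print("POLICY VIOLATION:", hit)
    raise SystemExit(exit_code(hits))
```

With the sample summary, a critical threshold of 0 fails the job on a single critical finding, while a high threshold of 10 does not fire because high+critical equals 10 and does not exceed it.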
Also Supported
- Console-only mode: if backend inputs are not provided, results print in CI logs in tabular form.