Merge pull request #585 from lplewa/dependa

do not run builds twice on dependabot PRs
oneapi-src · Jul 2, 2024 · 26fe3ee · 26fe3ee
2 parents 9be120a + 648fb17
commit 26fe3ee
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 4 deletions.
diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
@@ -1,7 +1,10 @@
 # Bandit static analysis (for Python code)
 name: Bandit
-
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -5,7 +5,11 @@ name: CodeQL
 # "PR/push" workflow. For some reason permissions weren't properly set
 # or recognized (by Scorecard). If Scorecard changes its behavior we can
 # go back to use 'workflow_call' trigger.
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

diff --git a/.github/workflows/pr_push.yml b/.github/workflows/pr_push.yml
@@ -1,7 +1,11 @@
 # Checks required for a PR to merge. This workflow mostly call other workflows.
 name: PR/push
 
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -7,6 +7,8 @@ name: Trivy
 # use 'workflow_call' trigger.
 on:
   push:
+    branches-ignore:
+      - 'dependabot/**'
   pull_request:
     paths:
       - '.github/docker/*Dockerfile'