Skip to content

ci: allow dependabot PRs to skip deployments to cloudflare#1235

Merged
fhammerschmidt merged 7 commits intomasterfrom
vlk/allow-dependabot-to-merge
Apr 8, 2026
Merged

ci: allow dependabot PRs to skip deployments to cloudflare#1235
fhammerschmidt merged 7 commits intomasterfrom
vlk/allow-dependabot-to-merge

Conversation

@jderochervlk
Copy link
Copy Markdown
Collaborator

@jderochervlk jderochervlk commented Apr 7, 2026
edited
Loading

image

This pull request updates the deployment workflow to prevent certain steps from running when the workflow is triggered by Dependabot. Specifically, the deployment and pull request comment steps will now be skipped if the actor is Dependabot.

Workflow condition updates:

  • Added a condition to the "Deploy" step in .github/workflows/deploy.yml so it does not run when the workflow is triggered by dependabot[bot].
  • Added a similar condition to the "Comment PR with deployment link" step to skip commenting when triggered by dependabot[bot].

@jderochervlk
ci: allow dependabot PRs to deploy via pull_request_target
0f01cd4 
GitHub restricts secrets for pull_request events triggered by
dependabot[bot]. Switch dependabot PRs to pull_request_target,
which runs in the base branch context and has access to secrets.

- Add pull_request_target trigger
- Route dependabot PRs through pull_request_target only
- Route all other PRs through pull_request only (no double runs)
- Checkout PR head SHA for pull_request_target events
@jderochervlk
Merge branch 'master' of github.com:rescript-lang/rescript-lang.org i…
2eedd08 
…nto vlk/allow-dependabot-to-merge
@jderochervlk jderochervlk marked this pull request as ready for review April 7, 2026 19:03

This comment was marked as outdated.

Sign in to view

@jderochervlk
Update .github/workflows/deploy.yml
db30fd2 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jderochervlk jderochervlk marked this pull request as draft April 7, 2026 19:13
@jderochervlk jderochervlk changed the title ci: allow dependabot PRs to deploy via pull_request_target ci: allow dependabot PRs to skip deployments to cloudflare Apr 7, 2026
@jderochervlk jderochervlk marked this pull request as ready for review April 7, 2026 19:36
@jderochervlk jderochervlk requested a review from Copilot April 7, 2026 19:49
Copilot AI reviewed Apr 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 7, 2026

Cloudflare deployment

Deployement ID: ebe8e590-bda1-4041-b6cc-b30f3c016503
Deployment Environment: preview

⛅️ wrangler 4.63.0 (update available 4.81.0)
─────────────────────────────────────────────
✨ Compiled Worker successfully
Uploading... (7656/7658)
Uploading... (7657/7658)
Uploading... (7658/7658)
✨ Success! Uploaded 2 files (7656 already uploaded) (3.90 sec)

✨ Uploading _redirects
✨ Uploading Functions bundle
🌎 Deploying...
✨ Deployment complete! Take a peek over at https://ebe8e590.rescript-lang.pages.dev
✨ Deployment alias URL: https://vlk-allow-dependabot-to-merg.rescript-lang.pages.dev

@fhammerschmidt fhammerschmidt merged commit ce8ce7a into master Apr 8, 2026
5 checks passed
@fhammerschmidt fhammerschmidt deleted the vlk/allow-dependabot-to-merge branch April 8, 2026 09:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@fhammerschmidt fhammerschmidt fhammerschmidt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jderochervlk @fhammerschmidt