Skip to content

Commit 3236d1b

Browse files
committed
⚙️ setup (ci): skip package and container builds for Dependabot PRs
1 parent aecdd41 commit 3236d1b

3 files changed

Lines changed: 6 additions & 0 deletions

File tree

.github/workflows/ci.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,10 @@ jobs:
3333
if [ "$GITHUB_EVENT_BEFORE" = "0000000000000000000000000000000000000000" ]; then
3434
# Initial push has no valid "before" SHA, so capture all reachable commits
3535
COMMITS=$(git log --format="%s" "$GITHUB_EVENT_AFTER")
36+
elif ! git cat-file -e "${GITHUB_EVENT_BEFORE}^{commit}" 2>/dev/null; then
37+
# Force-push: before SHA no longer exists, validate only the latest commit
38+
echo "⚠ Force-push detected — before SHA not found, validating HEAD commit only"
39+
COMMITS=$(git log --format="%s" -1 "$GITHUB_EVENT_AFTER")
3640
else
3741
COMMITS=$(git log --format="%s" "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}")
3842
fi

.github/workflows/container.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ permissions:
1818

1919
jobs:
2020
build:
21+
if: github.event_name != 'pull_request' || github.event.pull_request.user.login != 'dependabot[bot]'
2122
runs-on: ubuntu-latest
2223
steps:
2324
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4

.github/workflows/package.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ permissions:
2222

2323
jobs:
2424
publish:
25+
if: github.event_name != 'pull_request' || github.event.pull_request.user.login != 'dependabot[bot]'
2526
runs-on: ubuntu-latest
2627
steps:
2728
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4

0 commit comments

Comments
 (0)