From 0cea26515349304c5761d88349af2a97a6d9b57a Mon Sep 17 00:00:00 2001 From: Domenico Sibilio Date: Thu, 25 Jan 2024 12:08:04 +0100 Subject: [PATCH] ACS-6650 Avoid running SAST scan on DependaBot PRs (#2418) Skipping SAST scan on DependaBot PRs as it won't provide any additional insights and requires sharing more secrets with DependaBot than we're willing to. --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index af973bd52f..0266826379 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,6 +74,7 @@ jobs: needs: [prepare] if: > (github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') && + github.actor != 'dependabot[bot]' && !contains(github.event.head_commit.message, '[skip tests]') && !contains(github.event.head_commit.message, '[force') steps: