From a9d086990532f7bd80e8574ae19b5f8dc665a259 Mon Sep 17 00:00:00 2001 From: Piotr Krawiec Date: Thu, 23 Nov 2023 09:31:08 +0100 Subject: [PATCH 1/2] feat: Allow dependabot to run Tests and get access to secrets --- .github/workflows/chatlib.yml | 6 +++++- .github/workflows/dependabot_pr.yml | 12 ++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dependabot_pr.yml diff --git a/.github/workflows/chatlib.yml b/.github/workflows/chatlib.yml index f5ae0cb..ea02e16 100644 --- a/.github/workflows/chatlib.yml +++ b/.github/workflows/chatlib.yml @@ -1,9 +1,13 @@ -name: Python application +name: Lint, test and format chatblib on: pull_request: paths: - "chatlib/**" + workflow_run: + workflows: ["Dependabot PR Check"] + types: + - completed permissions: contents: read diff --git a/.github/workflows/dependabot_pr.yml b/.github/workflows/dependabot_pr.yml new file mode 100644 index 0000000..2d444ca --- /dev/null +++ b/.github/workflows/dependabot_pr.yml @@ -0,0 +1,12 @@ +### .github/workflows/dependabot_pr.yml +### This workflow doesn't have access to secrets and has a read-only token +name: Dependabot PR Check +on: + pull_request + +jobs: + check-dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - run: echo "PR created by Dependabot" From f875bb3e381747d3f55e18acded3bc02e902f856 Mon Sep 17 00:00:00 2001 From: Piotr Krawiec Date: Thu, 23 Nov 2023 09:42:28 +0100 Subject: [PATCH 2/2] feat: Add manual workflow dispatch --- .github/workflows/chatlib.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/chatlib.yml b/.github/workflows/chatlib.yml index ea02e16..019aae9 100644 --- a/.github/workflows/chatlib.yml +++ b/.github/workflows/chatlib.yml @@ -1,6 +1,7 @@ name: Lint, test and format chatblib on: + workflow_dispatch: pull_request: paths: - "chatlib/**"