fix: skips sonar scans for dependabot updates (#1656)

* fix: skips sonar scans for dependabot updates Dependabot updates only include third party dependency updates Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> * fix: updates workflow if statement formatting Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> --------- Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
oscal-compass · Aug 9, 2024 · 050c425 · 050c425
1 parent e27f0cd
commit 050c425
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml
@@ -157,7 +157,7 @@ jobs:
         path: coverage.xml
 
   sonar:
-    if: ${{ github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url }}
+    if: ${{ (github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url && github.triggering_actor != 'dependabot[bot]' ) }}
     runs-on: ubuntu-latest
     needs: [ test, set-versions]
     steps: