ci: run codeql on PRs from Dependabot

author Evgeny Vereshchagin <evvers@ya.ru>

Tue, 16 Nov 2021 10:46:16 +0000 (10:46 +0000)

committer Frantisek Sumsal <frantisek@sumsal.cz>

Wed, 17 Nov 2021 10:14:33 +0000 (10:14 +0000)
author Evgeny Vereshchagin <evvers@ya.ru>
Tue, 16 Nov 2021 10:46:16 +0000 (10:46 +0000)
committer Frantisek Sumsal <frantisek@sumsal.cz>
Wed, 17 Nov 2021 10:14:33 +0000 (10:14 +0000)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml

index 460002eaeb1354730e68564fec4fc5ce00509ecf..03517c9955e5c24c52d02eec12df4ef1cce97065 100644 (file)
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -5,6 +5,8 @@
  name: "CodeQL"
  
  on:
+  pull_request:
+    branches: [main]
    # It takes the workflow approximately 30 minutes to analyze the code base
    # so it doesn't seem to make much sense to trigger it on every PR or commit.
    # It runs daily at 01:00 to avoid colliding with the Coverity workflow.
@@ -18,6 +20,7 @@ jobs:
    analyze:
      name: Analyze
      runs-on: ubuntu-latest
+    if: github.event_name == 'schedule' || github.event.pull_request.user.login == 'dependabot[bot]'
      concurrency:
        group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }}
        cancel-in-progress: true
author	Evgeny Vereshchagin <evvers@ya.ru>
	Tue, 16 Nov 2021 10:46:16 +0000 (10:46 +0000)
committer	Frantisek Sumsal <frantisek@sumsal.cz>
	Wed, 17 Nov 2021 10:14:33 +0000 (10:14 +0000)