Merge pull request #585 from lplewa/dependa

do not run builds twice on dependabot PRs

Author: lukaszstolarczuk

.github/workflows/bandit.yml

@@ -1,7 +1,10 @@
 # Bandit static analysis (for Python code)
 name: Bandit
-
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

.github/workflows/codeql.yml

@@ -5,7 +5,11 @@ name: CodeQL
 # "PR/push" workflow. For some reason permissions weren't properly set
 # or recognized (by Scorecard). If Scorecard changes its behavior we can
 # go back to use 'workflow_call' trigger.
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

.github/workflows/pr_push.yml

@@ -1,7 +1,11 @@
 # Checks required for a PR to merge. This workflow mostly call other workflows.
 name: PR/push
 
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}

.github/workflows/trivy.yml

@@ -7,6 +7,8 @@ name: Trivy
 # use 'workflow_call' trigger.
 on:
   push:
+    branches-ignore:
+      - 'dependabot/**'
   pull_request:
     paths:
       - '.github/docker/*Dockerfile'