ci: fix dependabot for audit and cont_integration workflows #1377
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
We are getting errors on dependabot generated PRs. See:
https://github.com/bitcoindevkit/bdk/actions/runs/8310897352
https://github.com/bitcoindevkit/bdk/actions/runs/8310897348
To fix this one of the recommended solutions is to exclude
push
triggered workflow runs for the dependabot created PR branches,push
trigger is sufficient. See: Error: 403 "Resource not accessible by integration".Notes to the reviewers
An alternative fix is to remove the
push
trigger but this seemed like a smaller change and the audit workflow only uses thepush
trigger and I'm not sure if it will break if we switch it to usepull_request
instead.It's a little annoying having dependabot create PRs but since it only triggers on security related issues it's worth having so we don't forget to do those updates.
Changelog notice
None.
Checklists
All Submissions:
cargo fmt
andcargo clippy
before committing