ci: let trivy image scan working on pull_request for dependabot.

Signed-off-by: Lan Liang <gcslyp@gmail.com>
karmada-io · Mar 28, 2024 · 3a85902 · 3a85902
1 parent ff7322a
commit 3a85902
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.github/workflows/ci-image-scanning.yaml b/.github/workflows/ci-image-scanning.yaml
@@ -1,10 +1,13 @@
 name: image-scanning
 on:
   push: 
+  pull_request:
 jobs:
   use-trivy-to-scan-image:
     name: image-scanning
-    if: ${{ github.repository == 'karmada-io/karmada' }}
+    # Trigger by pull_request to work for dependabot, for running github/codeql-action/upload-sarif
+    # Otherwise trigger by push
+    if: (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request') || ( github.actor != 'dependabot[bot]' && github.event_name == 'push' ) 
     runs-on: ubuntu-22.04
     strategy:
       fail-fast: false