From 3a859026e984de5ba62abb7c49cdf851a2ac52d2 Mon Sep 17 00:00:00 2001
From: Lan Liang <gcslyp@gmail.com>
Date: Wed, 27 Mar 2024 23:44:56 +0000
Subject: [PATCH] ci: let trivy image scan working on pull_request for
 dependabot.

Signed-off-by: Lan Liang <gcslyp@gmail.com>
---
 .github/workflows/ci-image-scanning.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci-image-scanning.yaml b/.github/workflows/ci-image-scanning.yaml
index 1774ec0c1b29..9908c4759edf 100644
--- a/.github/workflows/ci-image-scanning.yaml
+++ b/.github/workflows/ci-image-scanning.yaml
@@ -1,10 +1,13 @@
 name: image-scanning
 on:
   push: 
+  pull_request:
 jobs:
   use-trivy-to-scan-image:
     name: image-scanning
-    if: ${{ github.repository == 'karmada-io/karmada' }}
+    # Trigger by pull_request to work for dependabot, for running github/codeql-action/upload-sarif
+    # Otherwise trigger by push
+    if: (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request') || ( github.actor != 'dependabot[bot]' && github.event_name == 'push' ) 
     runs-on: ubuntu-22.04
     strategy:
       fail-fast: false