mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
ci: restore dependabot rules (#1797)
Restores the dependabot rules in buildkite for the purpose of security fixes which are handled by dependabot still.
This commit is contained in:
parent
98b47227ee
commit
1e46ec6c44
|
@ -14,7 +14,7 @@ steps:
|
|||
if: build.branch != "master"
|
||||
|
||||
- wait:
|
||||
if: build.pull_request.repository.fork != true && build.branch !~ /^renovate\/.*/
|
||||
if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/
|
||||
|
||||
# Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
|
||||
- block: "Public fork needs approval"
|
||||
|
@ -32,7 +32,7 @@ steps:
|
|||
- label: ":rocket: Setup Deployment"
|
||||
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
|
||||
depends_on: ~
|
||||
if: build.branch != "master" && build.branch !~ /^renovate\/.*/ && build.pull_request.repository.fork != true
|
||||
if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true
|
||||
|
||||
# Removed dependency optimisation for forked PRs to enforce block step.
|
||||
- label: ":rocket: Setup Deployment"
|
||||
|
|
|
@ -33,7 +33,7 @@ cat << EOF
|
|||
EOF
|
||||
else
|
||||
cat << EOF
|
||||
if: build.branch !~ /^renovate\/.*/
|
||||
if: build.branch !~ /^(dependabot|renovate)\/.*/
|
||||
EOF
|
||||
fi
|
||||
done
|
||||
|
|
4
.github/probot.js
vendored
4
.github/probot.js
vendored
|
@ -4,6 +4,10 @@ on('pull_request.opened')
|
|||
context =>
|
||||
context.payload.pull_request.head.label.slice(0, 9) === 'authelia:'
|
||||
)
|
||||
.filter(
|
||||
context =>
|
||||
context.payload.pull_request.head.ref.slice(0, 11) !== 'dependabot/'
|
||||
)
|
||||
.filter(
|
||||
context =>
|
||||
context.payload.pull_request.head.ref.slice(0, 9) !== 'renovate/'
|
||||
|
|
Loading…
Reference in New Issue
Block a user