From 5f4140a4169fb78c448393aa17ab3e69482a39cc Mon Sep 17 00:00:00 2001 From: "Matt Wicks [SSW]" Date: Tue, 21 Nov 2023 18:44:05 +1100 Subject: [PATCH] Workflows - run CodeQL and ADR report publishing after main workflow (#199) * CodeQL - Remove pull_request trigger * Dependabot - check for .net and GH action updates weekly * workflows - run codeql & adr after dotnet workflow on main otherwise the test results workflow may attach the report to the wrong workflow see https://github.com/dorny/test-reporter/issues/67 --- .github/dependabot.yml | 12 ++++++++++++ .github/workflows/codeql.yml | 11 ++++++----- .github/workflows/publish-log4brains.yml | 7 +++++-- 3 files changed, 23 insertions(+), 7 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..48544b94 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +version: 2 + +updates: + - package-ecosystem: "dotnet" + directory: "/" + schedule: + interval: "weekly" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 88d6105c..0a4f28b9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,10 +1,11 @@ name: "Code Scanning - Action" - on: - push: - branches: [main] - pull_request: - branches: [main] + workflow_run: + workflows: ['.NET'] # runs after .NET workflow + types: + - completed + branches: + - 'main' jobs: CodeQL-Build: diff --git a/.github/workflows/publish-log4brains.yml b/.github/workflows/publish-log4brains.yml index 4b176863..9204c73c 100644 --- a/.github/workflows/publish-log4brains.yml +++ b/.github/workflows/publish-log4brains.yml @@ -1,8 +1,11 @@ name: Publish Log4brains on: - push: + workflow_run: + workflows: ['.NET'] # runs after .NET workflow + types: + - completed branches: - - main + - 'main' jobs: build-and-publish: runs-on: ubuntu-latest