Prevent Sonar and Mutation Testing running when triggered by dependabot

* Add an if condition to the mutation testing GitHub action to prevent the mutation testing from being run if the GitHub actor is dependabot. * Add a conditional job for the build workflow to not generate a sonar report when triggered by dependabot.
NHSDigital · Dec 18, 2024 · 6e81a79 · 6e81a79
1 parent 161e0b0
commit 6e81a79
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/.github/workflows/build_workflow.yml b/.github/workflows/build_workflow.yml
@@ -107,11 +107,17 @@ jobs:
         uses: gradle/actions/setup-gradle@v4
 
       - name: Execute Unit Tests
+        if: github.actor != 'dependabot[bot]'
         run: ./gradlew test jacocoTestReport sonar --parallel --build-cache
         working-directory: ./service
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
+      - name: Execute Unit Tests
+        if: github.actor == 'dependabot[bot]'
+        run: ./gradlew test jacocoTestReport --parallel --build-cache
+        working-directory: ./service
+
       - name: Collect Artifacts
         if: always()
         run: |

diff --git a/.github/workflows/mutationtesting.yml b/.github/workflows/mutationtesting.yml
@@ -6,7 +6,7 @@ jobs:
   pitest:
     # Only run on PRs from the repo. PRs from forks will fail due to lack of permissions and
     # must use a two stage process
-    if: github.event.pull_request.head.repo.full_name == github.repository
+    if: github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]'
     runs-on: ubuntu-latest
     steps:
       - name: Checkout project