From c726679fdcbe30711f2e90daeea7fcab16c6eaaa Mon Sep 17 00:00:00 2001
From: Phil Leggetter <phil@leggetter.co.uk>
Date: Thu, 19 Dec 2024 15:05:19 +0000
Subject: [PATCH] chore: run if not dependabot or if the dependabot check
 passed and has been triggered by workflow_run

---
 .github/workflows/dependabot_pr.yml | 12 ++++++++++++
 .github/workflows/test.yml          |  9 ++++++---
 2 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/dependabot_pr.yml

diff --git a/.github/workflows/dependabot_pr.yml b/.github/workflows/dependabot_pr.yml
new file mode 100644
index 0000000..ad182c8
--- /dev/null
+++ b/.github/workflows/dependabot_pr.yml
@@ -0,0 +1,12 @@
+### .github/workflows/dependabot_pr.yml
+### This workflow doesn't have access to secrets and has a read-only token
+name: Dependabot PR Check
+on:
+  pull_request
+
+jobs:
+  check-dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - run: echo "PR created by Dependabot"
\ No newline at end of file
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 50be8b9..f0f4542 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,9 +1,11 @@
 name: test
 
 on:
-  pull_request_target:
-    types:
-      - opened
+  workflow_run:
+    workflows: ["Dependabot PR Check"]
+    types: 
+      - completed
+  pull_request:
     branches:
       - main
 
@@ -29,6 +31,7 @@ jobs:
 
   build-linux:
     runs-on: ubuntu-latest
+    if: ${{ github.actor != 'dependabot[bot]' || github.event.workflow_run.conclusion == 'success' }}
     env:
       # https://goreleaser.com/customization/docker_manifest/
       DOCKER_CLI_EXPERIMENTAL: "enabled"