From 050c425771ccb52bd263b011e37e128a1eb8205f Mon Sep 17 00:00:00 2001
From: Jennifer Power <barnabei.jennifer@gmail.com>
Date: Fri, 9 Aug 2024 10:26:02 -0400
Subject: [PATCH] fix: skips sonar scans for dependabot updates (#1656)

* fix: skips sonar scans for dependabot updates

Dependabot updates only include third party dependency updates

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

* fix: updates workflow if statement formatting

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

---------

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
---
 .github/workflows/python-test.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml
index b3a02de17..3d8ef5178 100644
--- a/.github/workflows/python-test.yml
+++ b/.github/workflows/python-test.yml
@@ -157,7 +157,7 @@ jobs:
         path: coverage.xml
 
   sonar:
-    if: ${{ github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url }}
+    if: ${{ (github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url && github.triggering_actor != 'dependabot[bot]' ) }}
     runs-on: ubuntu-latest
     needs: [ test, set-versions]
     steps: