Merge pull request #153 from TechnologyEnhancedLearning/ci-dependabot-setup

Phil-NHS · web-flow · commit 948512354f3b · 2025-08-28T09:25:12.000+01:00
chore(dependabot): allow dependabot commit names
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -7,22 +7,8 @@ registries:
     type: nuget-feed
     # Dependabot needs access before it ignores, so still need to access TELBlazor despite ignoring it
     url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json
-    # not expected to work
     token: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }}
-    # username: Phil-NHS
-    # password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }}
-    
-    ## password: ${{ secrets.NUGETKEY }}# No access to the secret as expected
-    ## username: kevwhitt-hee <- should be this really kevin made the pat
-    ## password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }}
-    ## username: "kevin.whittaker"
-    ## qqqq del
-    ##     username: "kevin.whittaker" 
-    # # Though we ignore the feed it will still need to know about it
-    # # dependabot is more restrictive it needs a better key
-    # # https://github.com/TechnologyEnhancedLearning/TELBlazor/network/updates
-    # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot
-    # token: ${{ secrets.NUGETKEY }}
+
 updates:
   - package-ecosystem: "nuget"
     directory: "/"
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
@@ -29,6 +29,7 @@ jobs:
 
   dev-call-reusable-ci-checks-workflow:
     name: Dev Run CI checks
+    # Not using @master so it uses its own check rules
     uses: ./.github/workflows/reuseable-ci-checks.yml
     with:
       runall: true
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -14,7 +14,7 @@ jobs:
         
   pull-request-call-reusable-ci-checks-workflow:
     name: Pull Request run CI Checks
-    uses: ./.github/workflows/reuseable-ci-checks.yml
+    uses: ./.github/workflows/reuseable-ci-checks.yml@master
     needs: dummy
     with:
       runall: true
diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml
@@ -143,8 +143,6 @@ jobs:
         status: ${{ job.status }}
       runs-on: ubuntu-latest
       
-
-      
       steps:
         # Checkout so can get access to the file
         - name: Checkout repository
@@ -207,11 +205,24 @@ jobs:
       outputs:
         status: ${{ job.status }}
       steps:
-        - uses: actions/checkout@v4
+        - name: Checkout repository
+          uses: actions/checkout@v4
           with:
             fetch-depth: 0
-        
-        - uses: wagoid/commitlint-github-action@v5
+
+        - name: Check branch and run commitlint
+          run: |
+            BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}"
+            echo "Branch name: $BRANCH_NAME"
+            if [[ "$BRANCH_NAME" =~ ^dependabot/ ]]; then
+              echo "✅ Branch is a dependabot branch - skipping commitlint"
+              exit 0
+            else
+              echo "Regular branch - will run commitlint in next step"
+            fi
+
+        - name: Run commitlint action
+          uses: wagoid/commitlint-github-action@v5
           with:
             configFile: .commitlintrc.json
             # Only set from/to if inputs are provided, otherwise let action use defaults
