From e3faddf39265df729c45b244ecc341ac5001bdbd Mon Sep 17 00:00:00 2001 From: Felix Sargent Date: Thu, 4 Jun 2026 11:14:05 +0100 Subject: [PATCH] fix: skip review-app deploy for Dependabot PRs Dependabot PRs run with a separate secrets store and cannot read the FLY_API_TOKEN Actions secret, so the review-app deploy fails with 'no access token available'. Guard the job with github.actor != 'dependabot[bot]'. Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/fly-review.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/fly-review.yml b/.github/workflows/fly-review.yml index b08e4e3..374a1fa 100644 --- a/.github/workflows/fly-review.yml +++ b/.github/workflows/fly-review.yml @@ -16,6 +16,9 @@ env: jobs: review_app: runs-on: ubuntu-latest + # Dependabot PRs run with a separate secrets store and cannot read + # FLY_API_TOKEN, so the review-app deploy fails. Skip them. + if: github.actor != 'dependabot[bot]' outputs: url: ${{ steps.deploy.outputs.url }} # Only run one deployment at a time per PR.