From 643655be1726e90768fc0e3758c13ebd74620fbe Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 3 Jul 2026 02:20:21 +0000 Subject: [PATCH] Skip Preview workflow for Dependabot PRs Dependabot-triggered runs read from the Dependabot secrets store, which is empty, so the Google Cloud auth step receives an empty credential and fails. Skip the preview job for Dependabot; CI still validates those PRs. Also guard the PR comment step so it doesn't post 'Failed to read preview output' when the preview step never ran. --- .github/workflows/preview.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml index 20b164f..01e21a1 100644 --- a/.github/workflows/preview.yml +++ b/.github/workflows/preview.yml @@ -16,8 +16,8 @@ jobs: preview: name: Preview Changes runs-on: ubuntu-latest - # Skip preview for fork PRs - they don't have access to secrets - if: github.event.pull_request.head.repo.full_name == github.repository + # Skip preview for fork PRs and Dependabot - they don't have access to Actions secrets + if: github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' environment: production steps: - name: Checkout code @@ -101,7 +101,7 @@ jobs: exit $PREVIEW_EXIT_CODE - name: Comment on PR - if: always() + if: always() && steps.preview.conclusion != 'skipped' uses: actions/github-script@v7 with: script: |