From ddeb3760e78e8d728fbbd07dc34e2de95ab9be9e Mon Sep 17 00:00:00 2001
From: Sebastian Serth <Sebastian.Serth@hpi.de>
Date: Wed, 15 Feb 2023 14:29:28 +0100
Subject: [PATCH] Move GitHub action filter to actual Trivy job

Formally, I was editing the wrong job that did not had any issues. Let's try again :)
---
 .github/workflows/ci.yml              | 1 +
 .github/workflows/codeql-analysis.yml | 5 -----
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 792a0e0..5f0e92c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -101,6 +101,7 @@ jobs:
   dep-scan:
     runs-on: ubuntu-latest
     needs: [ compile ]
+    if: github.event_name != 'push' || github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' && github.actor != 'dependabot'
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 884245f..320fa3c 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -13,7 +13,6 @@ jobs:
   analyze:
     name: Analyze
     runs-on: ubuntu-latest
-    if: github.event_name != 'push' || github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' && github.actor != 'dependabot'
     permissions:
       actions: read
       contents: read
@@ -27,10 +26,6 @@ jobs:
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
-    # Temporarily debug runs on the main branch triggered by Dependabot after an automatic merge
-    - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
-    - run: echo "🎉 The job was automatically triggered by ${{ github.actor }}."
-
     - name: Checkout repository
       uses: actions/checkout@v3