Updated github workflow files

2025-12-21 21:16:17 +01:00 · 2025-07-11 02:31:31 +02:00 · 2025-07-11 02:31:31 +02:00 · 30fe2c0e4d
commit 30fe2c0e4d
parent 586901ebed
2 changed files with 41 additions and 30 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,4 +1,4 @@
-name: Build Docker Image
+name: Build and Deploy

 on:
  workflow_dispatch:
@ -9,18 +9,55 @@ on:
  release:
    types: [created]

-
 jobs:
+  # Update lockfile for Dependabot PRs
+  update-lockfile:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/')
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.head_ref }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+      
+      - uses: oven-sh/setup-bun@v1
+      
+      - name: Install and update lockfile
+        run: bun install
+      
+      - name: Commit and push updated lockfile
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add bun.lock
+          git commit -m "chore: update lockfile (auto-fix for Dependabot PR)" || exit 0
+          git push
+
+  # Build and push Docker image
  build:
    runs-on: ubuntu-latest
-
+    needs: [update-lockfile]
+    # Run this job if:
+    # 1. This is NOT a PR (like push to main or release)
+    # 2. OR this is a PR but NOT from Dependabot
+    # 3. OR this is a Dependabot PR AND the update-lockfile job completed successfully
+    if: |
+      github.event_name != 'pull_request' || 
+      (github.event_name == 'pull_request' && !startsWith(github.head_ref, 'dependabot/')) ||
+      (github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/') && needs.update-lockfile.result == 'success')
+    
    permissions:
      contents: read
      packages: write
-
+    
    steps:
    - name: Checkout code
      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/') && github.head_ref || '' }}

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3
--- a/.github/workflows/update-lockfile.yml
+++ b/.github/workflows/update-lockfile.yml
@ -1,26 +0,0 @@
-name: Update Bun Lockfile
-
-on:
-  pull_request:
-    paths:
-      - 'package.json'
-
-jobs:
-  fix-lockfile:
-    runs-on: ubuntu-latest
-    if: startsWith(github.head_ref, 'dependabot/')
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.head_ref }}
-      - uses: oven-sh/setup-bun@v1
-      - name: Install and update lockfile
-        run: |
-          bun install
-      - name: Commit and push updated lockfile
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add bun.lock
-          git commit -m "chore: update lockfile (auto-fix for Dependabot PR)" || exit 0
-          git push