GitHub Actions - Ignore or exclude Dependabot Pull Requests

Question

I have a repository with Dependabot in it, that opens PR on version updates, etc which I would like to keep.

In the same repository, I have a GitHub Action for Pull Requests for my team to use.

My issue is that the Dependabot keeps triggering the Pull Request action no matter what I tried.

My PR action have to be triggered on staging branch pull requests, like so:

name: Pull Request
on:
  pull_request:
    branches:
      - staging

So I can't use both on pull_reuqest AND branches_ignore - as stated in the documentation

Workflow attempts I have tried so far that unfortunately haven't worked:

name: Pull Request
on:
  pull_request:
    branches:
      - staging
      - '!dependabot/**'

---

name: Pull Request
on:
  pull_request:
    branches:
      - staging

jobs:
  Build:
    if: github.actor!= 'dependabot-preview[bot]'
    name: Build
    runs-on: ubuntu-latest
    steps:
    - name: Check out code
      uses: actions/checkout@v2

---

I have also tried excluding the Dependabot user like so:

if: github.actor!= 'depbot'

Would love some insights or answers on how you have dealt with this issue.

Thanks!

Answer 1

I guess there were many changes over the years and you can find outdated ways all over the web. The actual way is documented in the Dependabot documentation

if: ${{ github.actor != 'dependabot[bot]' }}

Note that nowadays you can also check the github.triggering_actor - if you want workflow to be skipped if Dependabot triggered it, but want to be able to manually trigger it on a PR that was opened by Dependabot.