From 21ea2d6d0ea58152ec103adddad0516dbac9964a Mon Sep 17 00:00:00 2001
From: Axel PASCON <axlpascon@gmail.com>
Date: Mon, 4 Nov 2024 21:56:03 +0100
Subject: [PATCH] fix workflows

---
 .github/workflows/dependabot.yml        | 102 +++++++++++++++++++++++-
 .github/workflows/dependabot_onpush.yml |  32 --------
 .github/workflows/manual_dependabot.yml |  88 --------------------
 3 files changed, 101 insertions(+), 121 deletions(-)
 delete mode 100644 .github/workflows/dependabot_onpush.yml
 delete mode 100644 .github/workflows/manual_dependabot.yml

diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
index 83c816f..074338b 100644
--- a/.github/workflows/dependabot.yml
+++ b/.github/workflows/dependabot.yml
@@ -1,6 +1,11 @@
 
 name: 'Dependency review'
 on:
+  push:
+    branches: 
+      - "main"
+      - "**/dev/**"
+      - "release/**"
   pull_request:
     branches: 
       - "main"
@@ -11,15 +16,67 @@ on:
       - synchronize
       - reopened
       - ready_for_review
+  workflow_dispatch:
+    inputs:
+      # Associated to `allow-licenses` or `deny-licenses` workflow options
+      license-selection:
+        description: 'Select the licenses to deny or allow'
+        required: true
+        type: string
+        default: 'GPL-1.0-or-later, LGPL-2.0-or-later'
+      # Describes what the previous selection will do
+      license-action:
+        description: 'Select the action to take on the selected licenses'
+        required: true
+        type: choice
+        default: deny
+        options:
+          - deny
+          - allow
+      # Associated to `fail-on-severity` workflow option
+      severity-selection:
+        description: 'Select the severity level to fail on'
+        required: true
+        type: choice
+        default: low
+        options:
+          - low
+          - moderate
+          - high
+          - critical
+      # Associated to `warn-only` workflow option
+      warn-only:
+        description: 'Select whether to fail the workflow or just warn'
+        required: true
+        type: boolean
+        default: false
+      # Associated to `fail-on-scopes` workflow option
+      scopes:
+        description: 'Select the scopes to run the action on'
+        required: true
+        type: choice
+        options:
+          - runtime
+          - development
+          - unknown
+        default: runtime
 
 permissions:
   contents: read
   # Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option
   pull-requests: write
 
+env:
+  HEAD_REF: ${{ github.event.ref }}
+  BASE_REF: ${{ (github.event.base_ref != null) && github.event.base_ref || github.event.ref }}
+  IS_PR: ${{ contains(github.event_name, 'pull_request') }}
+  IS_PUSH: ${{ contains(github.event_name, 'push') }}
+  IS_MANUAL: ${{ contains(github.event_name, 'workflow_dispatch') }}
+
 jobs:
-  dependency-review:
+  dependency-review-on-pr:
     runs-on: ubuntu-latest
+    if: ${{ contains(github.event_name, 'pull_request') }}
     steps:
       - name: 'Checkout repository'
         uses: actions/checkout@v4
@@ -29,3 +86,46 @@ jobs:
           comment-summary-in-pr: always
           fail-on-severity: low
           deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
+  dependency-review-on-push:
+    runs-on: ubuntu-latest
+    if: ${{ contains(github.event_name, 'push') }}
+    steps:
+      - name: 'Checkout repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: low
+          deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
+          base-ref: ${{ env.BASE_REF }}
+          head-ref: ${{ env.HEAD_REF }}
+  dependency-review-manual-with-allow-licenses:
+    runs-on: ubuntu-latest
+    if: ${{ (contains(github.event_name, 'workflow_dispatch') && inputs['license-action'] == 'allow') }}
+    steps:
+      - name: 'Checkout repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: ${{ inputs['severity-selection'] }}
+          allow-licenses: ${{ inputs['license-selection'] }}
+          warn-only: ${{ inputs['warn-only'] }}
+          fail-on-scopes: ${{ inputs['scopes'] }}
+          base-ref: ${{ env.BASE_REF }}
+          head-ref: ${{ env.HEAD_REF }}
+  dependency-review-manual-with-deny-licenses:
+    runs-on: ubuntu-latest
+    if: ${{ (contains(github.event_name, 'workflow_dispatch') && inputs['license-action'] == 'deny') }}
+    steps:
+      - name: 'Checkout repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: ${{ inputs['severity-selection'] }}
+          deny-licenses: ${{ inputs['license-selection'] }}
+          warn-only: ${{ inputs['warn-only'] }}
+          fail-on-scopes: ${{ inputs['scopes'] }}
+          base-ref: ${{ env.BASE_REF }}
+          head-ref: ${{ env.HEAD_REF }}
\ No newline at end of file
diff --git a/.github/workflows/dependabot_onpush.yml b/.github/workflows/dependabot_onpush.yml
deleted file mode 100644
index 906d7b0..0000000
--- a/.github/workflows/dependabot_onpush.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-
-name: 'Dependency review'
-on:
-  push:
-    branches: 
-      - "main"
-      - "**/dev/**"
-      - "release/**"
-
-permissions:
-  contents: read
-  # Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option
-  # pull-requests: write
-
-env:
-  HEAD_REF: ${{ github.event.ref }}
-  BASE_REF: ${{ (github.event.base_ref != null) && github.event.base_ref || github.event.ref }}
-
-jobs:
-  dependency-review:
-    runs-on: ubuntu-latest
-    steps:
-      - name: 'Checkout repository'
-        uses: actions/checkout@v4
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4
-        with:
-          comment-summary-in-pr: always
-          fail-on-severity: low
-          deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
-          base-ref: ${{ env.BASE_REF }}
-          head-ref: ${{ env.HEAD_REF }}
diff --git a/.github/workflows/manual_dependabot.yml b/.github/workflows/manual_dependabot.yml
deleted file mode 100644
index 965aab7..0000000
--- a/.github/workflows/manual_dependabot.yml
+++ /dev/null
@@ -1,88 +0,0 @@
-
-name: 'Manual dependency review'
-on:
-  workflow_dispatch:
-    inputs:
-      # Associated to `allow-licenses` or `deny-licenses` workflow options
-      license-selection:
-        description: 'Select the licenses to deny or allow'
-        required: true
-        type: string
-        default: 'GPL-1.0-or-later, LGPL-2.0-or-later'
-      # Describes what the previous selection will do
-      license-action:
-        description: 'Select the action to take on the selected licenses'
-        required: true
-        type: choice
-        default: deny
-        options:
-          - deny
-          - allow
-      # Associated to `fail-on-severity` workflow option
-      severity-selection:
-        description: 'Select the severity level to fail on'
-        required: true
-        type: choice
-        default: low
-        options:
-          - low
-          - moderate
-          - high
-          - critical
-      # Associated to `warn-only` workflow option
-      warn-only:
-        description: 'Select whether to fail the workflow or just warn'
-        required: true
-        type: boolean
-        default: false
-      # Associated to `fail-on-scopes` workflow option
-      scopes:
-        description: 'Select the scopes to run the action on'
-        required: true
-        type: choice
-        options:
-          - runtime
-          - development
-          - unknown
-        default: runtime
-
-permissions:
-  contents: read
-  # Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option
-  # pull-requests: write
-
-env:
-  HEAD_REF: ${{ github.event.ref }}
-  BASE_REF: ${{ (github.event.base_ref != null) && github.event.base_ref || github.event.ref }}
-
-jobs:
-  dependency-review_with_allow_licenses:
-    runs-on: ubuntu-latest
-    if: ${{ inputs['license-action'] == 'allow' }}
-    steps:
-      - name: 'Checkout repository'
-        uses: actions/checkout@v4
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4
-        with:
-          fail-on-severity: ${{ inputs['severity-selection'] }}
-          allow-licenses: ${{ inputs['license-selection'] }}
-          warn-only: ${{ inputs['warn-only'] }}
-          fail-on-scopes: ${{ inputs['scopes'] }}
-          base-ref: ${{ env.BASE_REF }}
-          head-ref: ${{ env.HEAD_REF }}
-  dependency-review_with_deny_licenses:
-    runs-on: ubuntu-latest
-    if: ${{ inputs['license-action'] == 'deny' }}
-    steps:
-      - name: 'Checkout repository'
-        uses: actions/checkout@v4
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4
-        with:
-          fail-on-severity: ${{ inputs['severity-selection'] }}
-          deny-licenses: ${{ inputs['license-selection'] }}
-          warn-only: ${{ inputs['warn-only'] }}
-          fail-on-scopes: ${{ inputs['scopes'] }}
-          base-ref: ${{ env.BASE_REF }}
-          head-ref: ${{ env.HEAD_REF }}