mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-07-04 15:46:16 +00:00
Dependabot PRs run with no access to repository secrets and a read-only token, so the SOPS decrypt step (and the PR-comment step) fail. Give Dependabot a secret-free path: stub the secrets.yaml keys it reads and run init -backend=false + validate, skipping decrypt/plan/comment. Human PRs are unchanged and still get a full plan. |
||
|---|---|---|
| .. | ||
| workflows | ||
| dependabot.yml | ||