4 Commits

Author SHA1 Message Date
Marijn 806cff8c0f ci: optimise build pipeline — shared dev image build and skip tests on tag push (#167)
* ci: split dev image build into a shared job

Extract the Docker build step into a dedicated `build` job so `quality`
and `tests` no longer each build the image independently. Both jobs now
load from the shared `devbuild` GHA cache scope and declare `needs: build`.

* ci: skip quality+tests on tag push, verify prior CI run instead

When tagging a commit that already passed CI on main, there is no need
to run quality and tests again. Both jobs now skip for tag refs.

A new `verify-prior-run` job runs instead: it queries the GitHub API for
a prior successful CI run on the same SHA (excluding the current run) and
fails fast if none is found, preventing deployment of untested tags.

`build-deploy` now uses `always() && !cancelled() && !failure()` so it
handles the mix of skipped (quality/tests) and successful (verify-prior-run)
needed jobs correctly.

* ci: bump GitHub Actions to Node.js 24 compatible versions

* ci: add Dependabot config for GitHub Actions version updates

* ci: pin all GitHub Actions to commit SHAs

* ci: disable credential persistence on all checkout steps
2026-07-03 12:18:29 +02:00
Marijn aa39db3f5e Dependabot config (#105)
* Group Symfony and twig

* Enable automerge for dev dependencies
2026-05-21 20:35:48 +02:00
Marijn 311fbf607c Change Dependabot schedule to daily and add Docker 2025-10-21 20:51:11 +02:00
Marijn c6fe553341 Create dependabot.yml 2025-07-25 13:04:20 +02:00