Add an auto-merge step for Dependabot Pull Request #2608
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request aims to further automize Dependabot pull requests.
Earlier, we introduced automation to approve pull requests.
The adjustments below aim to automatically merge pull requests originating from the "actor"
dependabot[bot]
.Note that part of this pull request is branch protection settings within this repository, which since they are GitHub settings cannot be part of the PR.
These settings require a successful run of the JDK8, JDK11, and JDK17 builds for a given pull request.
So when any of the three fails, the branch protection rule ensures the pull request cannot be automatically merged.
Furthermore, to minimize the impact of this automation, for now, I've set it to only act on patch version increments.
This is done through the
if
block validating whether theupdate-type
is of typesemver-patch
.Lastly, it's worthwhile to note that I've based all this on the Dependabot automation documentation of GitHub