Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add an auto-merge step for Dependabot Pull Request #2608

Merged
merged 1 commit into from Feb 20, 2023
Merged

Add an auto-merge step for Dependabot Pull Request #2608

merged 1 commit into from Feb 20, 2023

Conversation

smcvb
Copy link
Member

@smcvb smcvb commented Feb 15, 2023

This pull request aims to further automize Dependabot pull requests.
Earlier, we introduced automation to approve pull requests.
The adjustments below aim to automatically merge pull requests originating from the "actor" dependabot[bot].

Note that part of this pull request is branch protection settings within this repository, which since they are GitHub settings cannot be part of the PR.
These settings require a successful run of the JDK8, JDK11, and JDK17 builds for a given pull request.
So when any of the three fails, the branch protection rule ensures the pull request cannot be automatically merged.

Furthermore, to minimize the impact of this automation, for now, I've set it to only act on patch version increments.
This is done through the if block validating whether the update-type is of type semver-patch.

Lastly, it's worthwhile to note that I've based all this on the Dependabot automation documentation of GitHub

@smcvb
Add an auto-merge dependabot pr step
9b3f329 
Add an auto-merge dependabot pr step to the dependabot-automation.yml.
Note that these adjustments follow the suggested approach described
here: https://docs.github.com/en/code-security/dependabot/working-with
-dependabot/automating-dependabot-with-github-actions#enable-auto-merge
-on-a-pull-request. This currently only work for patch releases as a
form of trial.

#feature/auto-merge-dependabot
@smcvb smcvb added Type: Feature Use to signal an issue is completely new to the project. Priority 3: Could Low priority. Issues that are nice to have but have a straightforward workaround. Status: In Progress Use to signal this issue is actively worked on. labels Feb 15, 2023
@smcvb smcvb added this to the Release 4.8.0 milestone Feb 15, 2023
@smcvb smcvb requested a review from a team February 15, 2023 15:59
@smcvb smcvb self-assigned this Feb 15, 2023
@smcvb smcvb requested review from gklijs and CodeDrivenMitch and removed request for a team February 15, 2023 15:59
gklijs
gklijs approved these changes Feb 17, 2023
View reviewed changes
Copy link
Contributor

@gklijs gklijs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

@smcvb smcvb merged commit a1e3813 into master Feb 20, 2023
@smcvb smcvb deleted the feature/auto-merge-dependabot branch February 20, 2023 10:19
@smcvb smcvb added Status: Resolved Use to signal that work on this issue is done. and removed Status: In Progress Use to signal this issue is actively worked on. labels Feb 20, 2023
@smcvb smcvb mentioned this pull request Mar 10, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gklijs gklijs gklijs approved these changes

@CodeDrivenMitch CodeDrivenMitch Awaiting requested review from CodeDrivenMitch CodeDrivenMitch was automatically assigned from AxonFramework/framework-developers

Assignees

@smcvb smcvb

Labels
Priority 3: Could Low priority. Issues that are nice to have but have a straightforward workaround. Status: Resolved Use to signal that work on this issue is done. Type: Feature Use to signal an issue is completely new to the project.
Projects
None yet
Milestone
Release 4.8.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@smcvb @gklijs