From 98fb3160459a62e004b9c3347de0d305e5d55b30 Mon Sep 17 00:00:00 2001
From: hmmachadocx <hugo.machado@checkmarx.com>
Date: Wed, 15 Jun 2022 17:14:36 +0100
Subject: [PATCH] AST-13072 - Improve PR handling

- Added dependabot auto merge
- Auto assign PR
- Add reviewers to PR
---
 .github/dependabot.yml                      |  4 ++++
 .github/workflows/dependabot-auto-merge.yml | 25 +++++++++++++++++++++
 .github/workflows/pr-automation.yml         | 22 ++++++++++++++++++
 3 files changed, 51 insertions(+)
 create mode 100644 .github/workflows/dependabot-auto-merge.yml
 create mode 100644 .github/workflows/pr-automation.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index d3249cf0..9764c81d 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,6 +9,8 @@ updates:
     directory: "/" # Location of package manifests
     schedule:
       interval: "daily"
+    reviewers:
+      - "Checkmarx/ast-galactica-team"
   
   - package-ecosystem: "github-actions"
     # Workflow files stored in the
@@ -16,3 +18,5 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    reviewers:
+      - "Checkmarx/ast-galactica-team"
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
new file mode 100644
index 00000000..e70bd351
--- /dev/null
+++ b/.github/workflows/dependabot-auto-merge.yml
@@ -0,0 +1,25 @@
+name: Dependabot auto-merge
+on: pull_request
+
+permissions:
+  contents: write
+
+jobs:
+  dependabot-merge:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.3.1
+        with:
+          github-token: "${{ secrets.PERSONAL_ACCESS_TOKEN  }}"
+      - name: Enable auto-merge for Dependabot PRs
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN }}
+        run: gh pr merge --auto --merge "$PR_URL"
+      - name: Auto approve dependabot PRs
+        uses: hmarr/auto-approve-action@v2
+        with:
+          github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
diff --git a/.github/workflows/pr-automation.yml b/.github/workflows/pr-automation.yml
new file mode 100644
index 00000000..57731538
--- /dev/null
+++ b/.github/workflows/pr-automation.yml
@@ -0,0 +1,22 @@
+name: PR Automation
+on:
+  pull_request_target:
+    types: [ready_for_review, opened, reopened]
+
+permissions:
+  contents: none
+  issues: write
+  pull-requests: write
+
+jobs:
+  add-reviewers:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.pull_request.user.type != 'Bot' }}
+    steps:
+      - name: Request reviewers
+        env:
+          GH_REPO: ${{ github.repository }}
+          GH_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN  }}
+          PRNUM: ${{ github.event.pull_request.number }}
+          PRAUTHOR: ${{ github.event.pull_request.user.login }}
+        run: gh pr edit $PRNUM --add-reviewer Checkmarx/ast-galactica-team