-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
merge-dependabot-prs
executable file
·70 lines (69 loc) · 1.94 KB
/
merge-dependabot-prs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/usr/bin/env bash
get-repos() {
gh repo list --limit 9999 --jq '.[].nameWithOwner' --json nameWithOwner --no-archived &&
while IFS=$'\n' read -r org; do
gh api \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"/orgs/${org}/repos" --jq '.[].full_name'
done < <(gh org list)
}
get-repos-sorted() {
get-repos | sort -u
}
uses-dependabot() {
gh api \
--silent \
-H 'Accept: application/vnd.github+json' \
-H 'X-GitHub-Api-Version: 2022-11-28' \
"/repos/${1}/contents/.github/dependabot.yml" &>/dev/null ||
gh api \
--jq .security_and_analysis.dependabot_security_updates.status \
"/repos/${1}" | grep -qE '^enabled$' ||
return 1
}
comment-rebase() {
local -r number="$2"
local -r repo="$1"
gh pr --repo "$repo" comment "$number" --body '@dependabot rebase'
}
try-merge-pr() {
local -r number="$2"
local -r repo="$1"
if ! gh pr --repo "$repo" merge --admin --delete-branch --rebase "$number"; then
comment-rebase "$repo" "$number"
return 1
fi
}
get-dependabot-open-pr-numbers() {
gh pr --repo "$1" list --author app/dependabot --jq '.[].number' --json number --state open
}
do-main() {
local exit_code i number repo
exit_code=0
for i in gh jq rg; do
if ! command -v "$i" &>/dev/null; then
echo "Install ${i}" >&2
return 1
fi
done
while IFS=$'\n' read -r repo; do
if ! uses-dependabot "$repo"; then
continue
fi
echo "$repo"
while IFS=$'\n' read -r number; do
if ! try-merge-pr "$repo" "$number"; then
exit_code=1
fi
done < <(get-dependabot-open-pr-numbers "$repo")
done < <(get-repos-sorted)
return "$exit_code"
}
main() {
while true; do
do-main && break
delay 2m
done
}
main