From 130d9b056a7634d342fa99249f31c3a4caf1489b Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 10:44:53 +0100 Subject: [PATCH] chore(dependabot): automerge --- ...e-dependabot-prs-into-collected-branch.yml | 38 ++++++++++++ ...rge-passing-minor-patch-dependabot-prs.yml | 59 ------------------- .github/workflows/dev.yml | 6 +- .github/workflows/workflow-readme.md | 3 + 4 files changed, 46 insertions(+), 60 deletions(-) create mode 100644 .github/workflows/automerge-dependabot-prs-into-collected-branch.yml delete mode 100644 .github/workflows/automerge-passing-minor-patch-dependabot-prs.yml diff --git a/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml b/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml new file mode 100644 index 0000000..f1ba083 --- /dev/null +++ b/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml @@ -0,0 +1,38 @@ +# This script seperate major and minor but we do merge them into the same branch. +# Having two steps allows us to easily turn off major changes in future and then script them to their own branch and pipeline. +name: Auto-merge Dependabot PRs +on: + pull_request: + types: [opened, synchronize] + branches: [Automatic_version_update_dependabot] # Make sure this matches your actual branch name + +permissions: + contents: write + pull-requests: write + +jobs: + auto-merge: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + steps: + - name: Extract update type + id: extract + run: | + PR_TITLE="${{ github.event.pull_request.title }}" + if [[ $PR_TITLE == *"(major)"* ]]; then + echo "update_type=major" >> $GITHUB_OUTPUT + else + echo "update_type=minor_or_patch" >> $GITHUB_OUTPUT + fi + + - name: Auto-merge minor and patch updates + if: steps.extract.outputs.update_type == 'minor_or_patch' + run: gh pr merge --auto --squash "${{ github.event.pull_request.html_url }}" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Auto-merge major updates + if: steps.extract.outputs.update_type == 'major' + run: gh pr merge --auto --squash "${{ github.event.pull_request.html_url }}" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/automerge-passing-minor-patch-dependabot-prs.yml b/.github/workflows/automerge-passing-minor-patch-dependabot-prs.yml deleted file mode 100644 index f07615d..0000000 --- a/.github/workflows/automerge-passing-minor-patch-dependabot-prs.yml +++ /dev/null @@ -1,59 +0,0 @@ -# The intention is minor and patch should be merged into the dependabot branch automatically - -name: Dependabot Auto-Merge - -on: - pull_request: - branches: [ Automatic_version_update_dependabot ] - -permissions: - contents: write - pull-requests: write - -jobs: - # works alongside branch protection rules - auto-merge-minor-and-patch: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: extract update type - id: extract - run: | - pr_title="${{ github.event.pull_request.title }}" - if [[ $pr_title == *"(major)"* ]]; then - echo "update_type=major" >> $github_output - else - echo "update_type=minor_or_patch" >> $github_output - fi - - - name: set up github cli - uses: cli/cli-action@v2 - - - name: auto-merge non-major updates - if: ${{ steps.extract.outputs.update_type == 'minor_or_patch' }} - run: gh pr merge --auto --merge "$pr_url" - env: - pr_url: ${{ github.event.pull_request.html_url }} - github_token: ${{ secrets.github_token }} - - auto-merge-major: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Extract update type - id: extract - run: | - PR_TITLE="${{ github.event.pull_request.title }}" - if [[ $PR_TITLE == *"(major)"* ]]; then - echo "update_type=major" >> $GITHUB_OUTPUT - else - echo "update_type=minor_or_patch" >> $GITHUB_OUTPUT - - name: Set up GitHub CLI - uses: cli/cli-action@v2 - - - name: Auto-merge major updates - if: ${{ steps.extract.outputs.update_type == 'major' }} - run: gh pr merge --auto --merge "$PR_URL" - env: - PR_URL: ${{ github.event.pull_request.html_url }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index ab4a1d9..425af66 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -4,6 +4,10 @@ on: branches-ignore: - 'main' - 'master' + # We currently dont intend to test the showcase per package bump so wont run for package bumps + # we will run on the collected bumps merging though + - 'dependabot/**' + workflow_dispatch: permissions: @@ -83,7 +87,7 @@ jobs: echo "Semantic Release packages installed." npm ls --depth=0 # Debug: List installed packages - #configured with .releaseserc + # Configured with .releaseserc # Dry run we are not versioning the repo - name: Run dev semantic version (None Blocking) id: detect_semantic_version diff --git a/.github/workflows/workflow-readme.md b/.github/workflows/workflow-readme.md index fe8b3c3..170fdf9 100644 --- a/.github/workflows/workflow-readme.md +++ b/.github/workflows/workflow-readme.md @@ -81,6 +81,9 @@ The individual steps also automatically pass so can see if any error at the end # Notes - doesnt run easily with nektos act due to git ref checks and calling other workflows - for tests use the run-tests-and-report-with-env-values.ps1 file +- dependabot duplicates tokens using dependabot secrets including write so can run checks +- autoverging is being tried for major and minor +- branch checks must pass for merge on automated_version ## Versioning Via semantic release and recorded as a generate c# file used by a blazor component