From d703853f547b7f3f5c84676151ab7a59503f1021 Mon Sep 17 00:00:00 2001 From: Joris Conijn Date: Wed, 18 Oct 2023 10:30:01 +0200 Subject: [PATCH] chore: tweak dependabot --- .github/dependabot.yml | 6 ------ .github/workflows/auto-merge.yml | 29 ++++++++++++++++++++++------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b859e19..ba1c6b8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,9 +9,3 @@ updates: directory: "/" # Location of package manifests schedule: interval: "daily" - assignees: - - "Nr18" -# groups: -# dependencies: -# patterns: -# - "*" diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index d8a633b..07c1810 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -1,14 +1,29 @@ name: auto-merge -on: - pull_request: +on: pull_request_target + +permissions: + pull-requests: write + contents: write jobs: - auto-merge: + dependabot: runs-on: ubuntu-latest - if: github.actor == 'dependabot[bot]' + if: ${{ github.actor == 'dependabot[bot]' }} steps: - - uses: actions/checkout@v2 - - uses: ahmadnassri/action-dependabot-auto-merge@v2 + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.1.1 with: - github-token: ${{ secrets.TOKEN }} + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve a PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Enable auto-merge for Dependabot PRs + if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }} + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}