Merge pull request #299 from domainr/dependabot-auto-approve

GH Actions workflow updates
domainr · Sep 21, 2023 · da9b65b · da9b65b
2 parents dc30bfd + 91db516
commit da9b65b
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 38 deletions.
diff --git a/.github/workflows/automerge.yaml b/.github/workflows/automerge.yaml
@@ -1,26 +1,39 @@
-name: Merge
+name: Approve & Merge
 
 on:
-  pull_request_review:
-    types:
-      - submitted
+  pull_request
+
+permissions:
+  contents: write
+  pull-requests: write
 
 jobs:
+  approve:
+    runs-on: ubuntu-22.04
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.6.0
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Approve a PR
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
   merge:
-    name: Merge pull request
-    if: |
-      github.event.review.state == 'approved' &&
-      github.event.pull_request.user.login == 'dependabot[bot]'
     runs-on: ubuntu-22.04
+    if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Merge
-        uses: actions/github-script@v6.4.1
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.6.0
         with:
-          github-token: ${{ secrets.DOMAINRBOT_RW_GITHUB_ACCESS_TOKEN }}
-          script: |
-            github.pulls.merge({
-              owner: context.payload.repository.owner.login,
-              repo: context.payload.repository.name,
-              pull_number: context.payload.pull_request.number,
-              merge_method: 'merge'
-            })
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: ${{contains(steps.metadata.outputs.dependency-names, 'zonedb') && steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml
@@ -31,23 +31,3 @@ jobs:
 
       - name: Verify repo is unchanged
         run: git diff --exit-code HEAD
-
-  review:
-    name: Review pull request
-    needs: test
-    if: |
-      github.event.pull_request.user.login == 'dependabot[bot]' &&
-      contains(github.head_ref, 'dependabot/go_modules/github.com/zonedb/zonedb')
-    runs-on: ubuntu-latest
-    steps:
-      - name: Approve pull request
-        uses: actions/github-script@v6.4.1
-        with:
-          github-token: ${{ secrets.DOMAINRBOT_RW_GITHUB_ACCESS_TOKEN }}
-          script: |
-            github.pulls.createReview({
-              owner: context.payload.repository.owner.login,
-              repo: context.payload.repository.name,
-              pull_number: context.payload.pull_request.number,
-              event: 'APPROVE'
-            })