From b5df4473151d36b95e9010d238e7d8c6d4a2c9c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Raimondas=20Rimkevi=C4=8Dius?= Date: Sat, 1 Oct 2022 12:17:09 +0300 Subject: [PATCH] Automerge dependabot pull requests --- .github/workflows/on-pull-request.yml | 41 +++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/on-pull-request.yml diff --git a/.github/workflows/on-pull-request.yml b/.github/workflows/on-pull-request.yml new file mode 100644 index 0000000..3af2c26 --- /dev/null +++ b/.github/workflows/on-pull-request.yml @@ -0,0 +1,41 @@ +name: On pull request + +on: + pull_request: + branches: + - main + +jobs: + + dependabot: +# needs: +# - test + permissions: + pull-requests: write + contents: write + runs-on: ubuntu-latest + # Checking the actor will prevent your Action run failing on non-Dependabot + # PRs but also ensures that it only does work for Dependabot PRs. + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + # This first step will fail if there's no metadata and so the approval + # will not occur. + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.3.4 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + # Here the PR gets approved. + - name: Approve a PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Finally, this sets the PR to allow auto-merging for patch and minor + # updates if all checks pass + - name: Enable auto-merge for Dependabot PRs + # if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }} + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}