From fa939ebdb52fbf005d2127a61ab458732c0f13da Mon Sep 17 00:00:00 2001 From: Juan Diaz Suarez Date: Tue, 19 Mar 2024 17:24:55 +0100 Subject: [PATCH] [CCXDEV-12378] Add dependabot-automerge.yml to automerge the dependabot pull requests --- .github/workflows/dependabot-automerge.yml | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/dependabot-automerge.yml diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml new file mode 100644 index 0000000..10f62e5 --- /dev/null +++ b/.github/workflows/dependabot-automerge.yml @@ -0,0 +1,37 @@ +# Set as automatically merge all the pull requests created by dependabot[bot] +name: Dependabot auto-merge +on: pull_request + +# This section adds write permissions to the secrets.GITHUB_TOKEN. Default is just read +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Github Actions bot approves the PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GH_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: InsightsDroid approves the PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GH_TOKEN: ${{secrets.INSIGHTSDROID_TOKEN}} + - name: Enable auto-merge for Dependabot PRs + # We can filter depending on the semver major, minor, or patch updates, + # but let's not do it for now + # if: steps.metadata.outputs.update-type == 'version-update:semver-patch' + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GH_TOKEN: ${{secrets.GITHUB_TOKEN}} \ No newline at end of file