Skip to content

Commit c6d8dcc

Browse files
authored
Generate changelog for Dependabot PRs (#4112)
Wire up the reusable workflows from apache/logging-parent#419 to: - Generate changelog entries for Dependabot PRs. - Re-run build checks on the newly created commit. - Enable auto-merge, which only merges once required checks pass and a maintainer approves. Together, these allow merging Dependabot PRs in a single click. Also add a concurrency setting to `build.yaml` and `codeql-analysis.yaml` so superseded PR commits stop consuming runners.
1 parent 8243257 commit c6d8dcc

4 files changed

Lines changed: 98 additions & 0 deletions

File tree

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
#
2+
# Licensed to the Apache Software Foundation (ASF) under one or more
3+
# contributor license agreements. See the NOTICE file distributed with
4+
# this work for additional information regarding copyright ownership.
5+
# The ASF licenses this file to you under the Apache License, Version 2.0
6+
# (the "License"); you may not use this file except in compliance with
7+
# the License. You may obtain a copy of the License at
8+
#
9+
# http://www.apache.org/licenses/LICENSE-2.0
10+
#
11+
# Unless required by applicable law or agreed to in writing, software
12+
# distributed under the License is distributed on an "AS IS" BASIS,
13+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14+
# See the License for the specific language governing permissions and
15+
# limitations under the License.
16+
#
17+
18+
name: "Dependabot Analyze PR"
19+
20+
on:
21+
pull_request:
22+
23+
# Default permissions for each job.
24+
# Additional permissions should be assigned on a per-job basis.
25+
permissions: { }
26+
27+
jobs:
28+
29+
analyze-dependabot:
30+
# `github.actor` prevents recursive calls when `github-actions[bot]` pushes to the PR;
31+
# `github.event.pull_request.user.login` skips PRs not opened by Dependabot.
32+
if: ${{
33+
github.repository == 'apache/logging-log4j2'
34+
&& github.actor == 'dependabot[bot]'
35+
&& github.event.pull_request.user.login == 'dependabot[bot]'
36+
}}
37+
uses: apache/logging-parent/.github/workflows/analyze-dependabot-reusable.yaml@gha/v0

.github/workflows/build.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,11 @@ on:
2525
- "release/2*"
2626
pull_request:
2727

28+
# Cancel in-progress runs when a newer commit lands on the same PR; pushes to 2.x run to completion.
29+
concurrency:
30+
group: ${{ github.workflow }}-${{ github.ref }}
31+
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
32+
2833
permissions: read-all
2934

3035
jobs:

.github/workflows/codeql-analysis.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,11 @@ on:
2525
schedule:
2626
- cron: '32 12 * * 5'
2727

28+
# Cancel in-progress runs when a newer commit lands on the same PR; pushes to 2.x run to completion.
29+
concurrency:
30+
group: ${{ github.workflow }}-${{ github.ref }}
31+
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
32+
2833
permissions: read-all
2934

3035
jobs:
Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
#
2+
# Licensed to the Apache Software Foundation (ASF) under one or more
3+
# contributor license agreements. See the NOTICE file distributed with
4+
# this work for additional information regarding copyright ownership.
5+
# The ASF licenses this file to you under the Apache License, Version 2.0
6+
# (the "License"); you may not use this file except in compliance with
7+
# the License. You may obtain a copy of the License at
8+
#
9+
# http://www.apache.org/licenses/LICENSE-2.0
10+
#
11+
# Unless required by applicable law or agreed to in writing, software
12+
# distributed under the License is distributed on an "AS IS" BASIS,
13+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14+
# See the License for the specific language governing permissions and
15+
# limitations under the License.
16+
#
17+
18+
name: "Dependabot Process PR"
19+
20+
on:
21+
workflow_run:
22+
workflows:
23+
- "Dependabot Analyze PR"
24+
types:
25+
- completed
26+
27+
# Default permissions for each job.
28+
# Additional permissions should be assigned on a per-job basis.
29+
permissions: { }
30+
31+
jobs:
32+
33+
process-dependabot:
34+
# Skip this workflow on commits not pushed by Dependabot
35+
if: ${{
36+
github.repository == 'apache/logging-log4j2'
37+
&& github.actor == 'dependabot[bot]'
38+
&& github.event.workflow_run.conclusion == 'success'
39+
}}
40+
uses: apache/logging-parent/.github/workflows/process-dependabot-reusable.yaml@gha/v0
41+
permissions:
42+
# The default GITHUB_TOKEN will be used to enable the "auto-merge" on the PR
43+
# This requires the following two permissions:
44+
contents: write
45+
pull-requests: write
46+
secrets:
47+
# This token will be used to push new content to the repo and trigger workflows again
48+
RECURSIVE_TOKEN: ${{ secrets.DEPENDABOT_TOKEN }}
49+
with:
50+
# The path to the changelog directory for the current development branch.
51+
changelog-path: src/changelog/.2.x.x

0 commit comments

Comments
 (0)