Dependabot Auto-Merge #570
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Auto-Merge | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_run: | |
| workflows: ["Build"] | |
| types: | |
| - completed | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| approve: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v3 | |
| with: | |
| github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - name: Approve PR | |
| run: gh pr review --approve "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Update PR branch | |
| run: | | |
| # Update the PR branch with the latest from base branch | |
| gh pr update-branch "$PR_URL" || echo "Branch already up to date or cannot be updated" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Enable auto-merge for Dependabot PRs | |
| run: gh pr merge --auto --squash "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| merge: | |
| runs-on: ubuntu-latest | |
| if: | | |
| github.event_name == 'workflow_run' && | |
| github.event.workflow_run.conclusion == 'success' && | |
| github.event.workflow_run.event == 'pull_request' | |
| steps: | |
| - name: Get PR number | |
| id: pr | |
| uses: actions/github-script@v9 | |
| with: | |
| script: | | |
| const pulls = await github.rest.pulls.list({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| state: 'open', | |
| head: `${context.repo.owner}:${context.payload.workflow_run.head_branch}` | |
| }); | |
| if (pulls.data.length === 0) { | |
| console.log('No open PR found for this branch'); | |
| return null; | |
| } | |
| const pr = pulls.data[0]; | |
| console.log(`Found PR #${pr.number}`); | |
| return pr.number; | |
| result-encoding: string | |
| - name: Check if PR is from Dependabot | |
| if: steps.pr.outputs.result != 'null' | |
| id: check-dependabot | |
| uses: actions/github-script@v9 | |
| with: | |
| script: | | |
| const prNumber = ${{ steps.pr.outputs.result }}; | |
| const pr = await github.rest.pulls.get({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| pull_number: prNumber | |
| }); | |
| const isDependabot = pr.data.user.login === 'dependabot[bot]'; | |
| console.log(`PR #${prNumber} is from Dependabot: ${isDependabot}`); | |
| return isDependabot; | |
| - name: Update PR branch | |
| if: steps.check-dependabot.outputs.result == 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| PR_NUMBER=${{ steps.pr.outputs.result }} | |
| # Update the PR branch with the latest from base branch | |
| gh pr update-branch $PR_NUMBER --repo ${{ github.repository }} || echo "Branch already up to date or cannot be updated" | |
| - name: Merge PR | |
| if: steps.check-dependabot.outputs.result == 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| PR_NUMBER=${{ steps.pr.outputs.result }} | |
| gh pr merge $PR_NUMBER --squash --auto --repo ${{ github.repository }} |