codacy-engine-golang-seed/.github/workflows/auto-merge-dependabot-dependency-updates.yaml at 100fea5c39f9b5ec62149169a3a2d8fa3e286ed7 · codacy/codacy-engine-golang-seed · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Automatically merge (using squash) dependency update PRs, opened by Dependabot, under the following conditions:
#
#   - PR was opened by dependabot[bot].
#   - Dependency update is a minor or patch update. This is determined based on Dependabot's metadata.
#   - Configured required checks pass.
#
# PRs are approved and merged by user codacybeta (https://github.com/orgs/codacy/people/codacybeta), using its
# AUTO_MERGE_TOKEN.
name: Auto-merge Dependabot dependency updates

on:
  pull_request:

jobs:
  auto-merge:
    name: Auto-merge Dependabot dependency updates
    runs-on: ubuntu-latest
    if: github.event.pull_request.user.login == 'dependabot[bot]'
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Get Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@v2
        with:
          github-token: ${{ secrets.AUTO_MERGE_TOKEN }}
      - name: Approve PR and set it to auto-merge
        if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor'
        run: |
          gh pr review --approve ${{ github.event.pull_request.number }}
          gh pr merge --squash --auto ${{ github.event.pull_request.number }}
        env:
          GH_TOKEN: ${{ secrets.AUTO_MERGE_TOKEN }}