Fix dependabot auto merge workflow (#1465)

Author: ehl-jf

.github/workflows/dependabot-auto-merge.yml

@@ -13,25 +13,30 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'jfrog/jfrog-cli-core'
     steps:
+      - name: Checkout PR code
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Add 'ignore for release' label
         run: |
           gh pr edit ${{ github.event.pull_request.number }} --add-label "ignore for release"
         env:
           GH_TOKEN: ${{ secrets.CLI_ACTION_TOKEN }}
 
+      - name: Approve PR
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.CLI_ACTION_TOKEN}}
+
       - name: Dependabot metadata
         id: metadata
         uses: dependabot/fetch-metadata@v2.4.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 
-      - name: Checkout PR code
-        if: steps.metadata.outputs.dependency-group == 'go'
-        uses: actions/checkout@v5
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          token: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Run make update-all for go dependencies
         if: steps.metadata.outputs.dependency-group == 'go'
         run: make update-all
@@ -47,12 +52,6 @@ jobs:
             git push
           fi
 
-      - name: Approve PR
-        run: gh pr review --approve "$PR_URL"
-        env:
-          PR_URL: ${{github.event.pull_request.html_url}}
-          GH_TOKEN: ${{secrets.CLI_ACTION_TOKEN}}
-
       - name: Enable auto-merge for Dependabot PRs
         run: gh pr merge --auto --squash "$PR_URL"
         env: