Dependabot Auto-Merge #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Auto-Merge | |
| # This workflow runs AFTER CI completes for Dependabot PRs. | |
| # It waits for CI to pass, then enables auto-merge. | |
| on: | |
| workflow_run: | |
| workflows: ["CI"] | |
| types: | |
| - completed | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| auto-merge: | |
| name: Merge Dependabot PR | |
| runs-on: ubuntu-latest | |
| # Run if: | |
| # 1. CI passed | |
| # 2. It was triggered by Dependabot | |
| # 3. It was a pull request | |
| if: | | |
| github.event.workflow_run.conclusion == 'success' && | |
| github.event.workflow_run.actor.login == 'dependabot[bot]' && | |
| github.event.workflow_run.event == 'pull_request' | |
| steps: | |
| - name: Get PR number | |
| id: pr | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const { data: pullRequests } = await github.rest.pulls.list({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| state: 'open', | |
| head: `${context.repo.owner}:${context.payload.workflow_run.head_branch}` | |
| }); | |
| if (pullRequests.length > 0) { | |
| const pr = pullRequests[0]; | |
| core.setOutput('number', pr.number); | |
| core.setOutput('title', pr.title); | |
| core.setOutput('found', 'true'); | |
| // Check if it's a major update by looking at the PR title | |
| // Dependabot titles include version info like "from 1.0.0 to 2.0.0" | |
| const majorPattern = /from \d+\.\d+\.\d+ to (\d+)\./; | |
| const match = pr.title.match(majorPattern); | |
| if (match) { | |
| const fromMajor = pr.title.match(/from (\d+)\./); | |
| const toMajor = match[1]; | |
| if (fromMajor && fromMajor[1] !== toMajor) { | |
| core.setOutput('is_major', 'true'); | |
| } else { | |
| core.setOutput('is_major', 'false'); | |
| } | |
| } else { | |
| core.setOutput('is_major', 'false'); | |
| } | |
| console.log(`Found PR #${pr.number}: ${pr.title}`); | |
| } else { | |
| core.setOutput('found', 'false'); | |
| console.log('No matching PR found'); | |
| } | |
| - name: merge patch/minor updates | |
| if: steps.pr.outputs.found == 'true' && steps.pr.outputs.is_major != 'true' | |
| run: | | |
| echo "Enabling merge for PR #${{ steps.pr.outputs.number }}" | |
| echo "Title: ${{ steps.pr.outputs.title }}" | |
| gh pr merge --merge ${{ steps.pr.outputs.number }} --repo ${{ github.repository }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Skip major updates | |
| if: steps.pr.outputs.found == 'true' && steps.pr.outputs.is_major == 'true' | |
| run: | | |
| echo "⚠️ Major version update detected - manual review required" | |
| echo "PR #${{ steps.pr.outputs.number }}: ${{ steps.pr.outputs.title }}" |