ci(dependabot-merge): replace non-functioning merge action (#8306)

Refs ahmadnassri/action-dependabot-auto-merge#166

Author: char0n

.github/workflows/dependabot-merge.yml

@@ -9,9 +9,28 @@ jobs:
     if: github.actor == 'dependabot[bot]'
     runs-on: ubuntu-latest
     steps:
-      - name: Merge me!
-        uses: ahmadnassri/action-dependabot-auto-merge@v2
+      # This first step will fail if there's no metadata and so the approval
+      # will not occur.
+      - name: Dependabot metadata
+        id: dependabot-metadata
+        uses: dependabot/[email protected]
         with:
-          target: minor
-          github-token: ${{ secrets.SWAGGER_BOT_GITHUB_TOKEN }}
-          command: squash and merge
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      # Here the PR gets approved.
+      - name: Approve a PR
+        if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GITHUB_TOKEN: ${{ secrets.SWAGGER_BOT_GITHUB_TOKEN }}
+      # Finally, tell dependabot to merge the PR if all checks are successful
+      - name: Instruct dependabot to squash & merge
+        if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
+        uses: mshick/add-pr-comment@v2
+        with:
+          repo-token: ${{ secrets.SWAGGER_BOT_GITHUB_TOKEN }}
+          allow-repeats: true
+          message: |
+            @dependabot squash and merge
+        env:
+          GITHUB_TOKEN: ${{ secrets.SWAGGER_BOT_GITHUB_TOKEN }}