Skip to content

Commit

Permalink
Merge pull request #20 from Shopify/add-dependabot
Browse files Browse the repository at this point in the history
Add dependabot
  • Loading branch information
swalkinshaw authored May 24, 2024
2 parents f1af618 + 9d610d2 commit 425bdea
Show file tree
Hide file tree
Showing 2 changed files with 47 additions and 0 deletions.
20 changes: 20 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
version: 2
registries:
ruby-shopify:
type: rubygems-server
url: https://pkgs.shopify.io/basic/gems/ruby
username: ${{secrets.RUBYGEMS_SERVER_PKGS_SHOPIFY_IO_USERNAME}}
password: ${{secrets.RUBYGEMS_SERVER_PKGS_SHOPIFY_IO_PASSWORD}}
github.com:
type: git
url: https://github.com
username: ${{secrets.DEPENDENCIES_GITHUB_USER}}
password: ${{secrets.DEPENDENCIES_GITHUB_TOKEN}}
updates:
- package-ecosystem: bundler
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 100
insecure-external-code-execution: allow
registries: "*"
27 changes: 27 additions & 0 deletions .github/workflows/dependabot_auto_merge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
name: Dependabot auto-merge
on: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
update-gem-rbis:
uses: Shopify/shopify-types/.github/workflows/dependabot_update_rbis.yml@main
secrets: inherit
dependabot:
needs: update-gem-rbis
runs-on: shopify-ubuntu-latest
if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' }}
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
PR_URL: ${{ github.event.pull_request.html_url }}
run: gh pr merge --auto --merge "$PR_URL"

0 comments on commit 425bdea

Please sign in to comment.