-
-
Notifications
You must be signed in to change notification settings - Fork 221
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e2674d2
commit 70e6c31
Showing
1 changed file
with
41 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,32 +1,47 @@ | ||
| # this workflow merges requests from Dependabot if tests are passing | ||
| name: Merge me! | ||
| # ref https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions | ||
| # and https://github.com/dependabot/fetch-metadata | ||
| name: Auto-merge | ||
|
|
||
| on: | ||
| workflow_run: | ||
| types: | ||
| - completed | ||
| workflows: | ||
| - 'Test' | ||
| # `pull_request_target` means this uses code in the base branch, not the PR. | ||
| on: pull_request_target | ||
|
|
||
| # Dependabot PRs' tokens have read permissions by default and thus we must enable write permissions. | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
|
|
||
| jobs: | ||
| merge-me: | ||
| name: Merge me! | ||
| dependencies: | ||
| runs-on: ubuntu-latest | ||
| if: github.actor == 'dependabot[bot]' | ||
|
|
||
| steps: | ||
| - name: Fetch PR metadata | ||
| id: metadata | ||
| uses: dependabot/[email protected] | ||
| with: | ||
| github-token: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| runs-on: ubuntu-latest | ||
| - name: Wait for PR CI | ||
| # Don't merge updates to GitHub Actions versions automatically. | ||
| # (Some repos may wish to limit by version range (major/minor/patch), or scope (dep vs dev-dep), too.) | ||
| if: contains(steps.metadata.outputs.package-ecosystem, 'npm') | ||
| uses: lewagon/[email protected] | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.sha }} | ||
| repo-token: ${{ secrets.GITHUB_TOKEN }} | ||
| wait-interval: 30 # seconds | ||
| running-workflow-name: dependencies # wait for all checks except this one | ||
| allowed-conclusions: success # all other checks must pass, being skipped or cancelled is not sufficient | ||
|
|
||
| steps: | ||
| - name: Merge me! | ||
| if: ${{ github.event.workflow_run.conclusion == 'success' }} | ||
| uses: ridedott/merge-me-action@v2 | ||
| with: | ||
| # Depending on branch prodtection rules, a manually populated | ||
| # `GITHUB_TOKEN_WORKAROUND` secret with permissions to push to | ||
| # a protected branch must be used. | ||
| # | ||
| # When using a custom token, it is recommended to leave the following | ||
| # comment for other developers to be aware of the reasoning behind it: | ||
| # | ||
| # This must be used as GitHub Actions token does not support pushing | ||
| # to protected branches. | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| PRESET: DEPENDABOT_MINOR | ||
| - name: Auto-merge dependabot PRs | ||
| # Don't merge updates to GitHub Actions versions automatically. | ||
| # (Some repos may wish to limit by version range (major/minor/patch), or scope (dep vs dev-dep), too.) | ||
| if: contains(steps.metadata.outputs.package-ecosystem, 'npm') | ||
| env: | ||
| PR_URL: ${{ github.event.pull_request.html_url }} | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| # The "auto" flag will only merge once all of the target branch's required checks | ||
| # are met. Configure those in the "branch protection" settings for each repo. | ||
| run: gh pr merge --auto --squash "$PR_URL" |