formidable/.github/workflows/____deps-automation.yml at f6992dc73866ad0ffa339e447f5cbf4b41717180 · node-formidable/formidable · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
name: Dependabot Automation
on: pull_request

permissions:
  pull-requests: write

jobs:
  dependabot:
    runs-on: ubuntu-latest
    # ignored job because the `xxxxx` typo. Intentional, we use Kodiak
    if:
      github.event.pull_request.user.login == 'dependabot[bot]' && github.repository ==
      'node-formidable/xxxx'
    steps:
      - name: Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7
        with:
          github-token: '${{ secrets.GITHUB_TOKEN }}'
      - name: Approve a PR
        run: gh pr review --approve "$PR_URL"
        env:
          PR_URL: ${{github.event.pull_request.html_url}}
          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
      - name: Enable auto-merge for Dependabot PRs
        if:
          contains(steps.metadata.outputs.dependency-names, 'my-dependency') &&
          steps.metadata.outputs.update-type == 'version-update:semver-minor'
        run: gh pr merge --auto --merge "$PR_URL"
        env:
          PR_URL: ${{github.event.pull_request.html_url}}
          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}