mirror of
https://github.com/long2ice/fastapi-cache.git
synced 2026-03-24 20:47:54 +00:00
4236b350d9
The auto-merge workflow automatically approves dependabot PRs that update dependencies or github actions where the semver difference is at most a minor upgrade. These PRs are then auto-merged once the CI checks have passed. The labeller workflow adds / removes the auto-merge label to make auto-merging more visible in issue lists and to make it possible to filter such PRs. This workflow is unfortunately not triggered when the auto-approve workflow enables auto-merging due to GH anti- recursion rules, so the auto-merge workflow adds the label explicitly.
36 lines
1.3 KiB
YAML
36 lines
1.3 KiB
YAML
name: Dependabot auto-merge
|
|
on: pull_request_target
|
|
|
|
permissions:
|
|
pull-requests: write
|
|
contents: write
|
|
|
|
jobs:
|
|
dependabot:
|
|
runs-on: ubuntu-latest
|
|
if: github.event.pull_request.user.login == 'dependabot[bot]'
|
|
steps:
|
|
- name: Dependabot metadata
|
|
id: dependabot-metadata
|
|
uses: dependabot/fetch-metadata@v1.4.0
|
|
|
|
- uses: actions/checkout@v3
|
|
- name: Approve PR
|
|
# only auto-approve direct deps that are minor or patch updates
|
|
# dependency type is indirect, direct:development or direct:production
|
|
# version-update is semver-major, semver-minor or semver-patch
|
|
if: |
|
|
steps.metadata.outputs.dependency-type != 'indirect'
|
|
&& steps.metadata.outputs.update-type != 'version-update:semver-major'
|
|
run: |
|
|
if [ "$(gh pr view "$PR_URL" --json reviewDecision -q .reviewDecision)" != "APPROVED" ]; then
|
|
gh pr review --approve "$PR_URL"
|
|
else
|
|
echo "PR already approved, skipping additional approvals to minimize emails/notification noise."
|
|
fi
|
|
gh pr merge --auto --squash "$PR_URL"
|
|
gh pr edit "$PR_URL" --add-label "auto-merge"
|
|
env:
|
|
PR_URL: ${{github.event.pull_request.html_url}}
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|