github: enable auto-merge on Dependabot PRs

To merge a Dependabot PR, I have to enable auto-merge (two clicks, including one to confim) and then review and approve it. Since our branch protections require the PR to be approved, it seems that that should be enough. This patch adds a GitHub action that calls runs the GitHub CLI to do that. It is based on https://dev.to/slashgear_/how-to-automatically-merge-dependabot-pull-requests-with-github-actions--30pe
2024-09-20 02:07:15 +03:00 · 2022-08-31 16:56:33 -07:00 · 2022-08-31 16:56:33 -07:00 · 2ff710a131
commit 2ff710a131
parent ff2e6c9c5b
1 changed files with 18 additions and 0 deletions
--- a/.github/workflows/dependabot.yml
+++ b/.github/workflows/dependabot.yml
@ -0,0 +1,18 @@
+name: build
+
+on:
+  pull_request:
+
+permissions: read-all
+
+jobs:
+  dependabot-auto-merge:
+    name: 'Dependabot auto-merge'
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+    - name: Enable auto-merge for Dependabot PRs
+      run: gh pr merge --auto "$PR_URL"
+      env:
+        PR_URL: ${{github.event.pull_request.html_url}}
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}