Skip to content

ci: bump dependabot/fetch-metadata from 1 to 2 #175

ci: bump dependabot/fetch-metadata from 1 to 2

ci: bump dependabot/fetch-metadata from 1 to 2 #175

Workflow file for this run

---
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
name: Dependabot auto-approve/merge
"on": pull_request
permissions:
contents: write
pull-requests: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
- name: Approve and auto-merge the PR
if: >
steps.metadata.outputs.update-type == 'version-update:semver-minor' ||
steps.metadata.outputs.update-type == 'version-update:semver-patch'
run: |
gh pr review --approve "$PR_URL"
# If both this repo's auto-merge setting and its default branch
# (e.g., main) protection are enabled,
# you can uncomment the next line.
gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# yamllint disable rule:comments-indentation rule:line-length
# If you want to automatically request reviews from specific users for the
# PR when the dependency updates are neither minor updates nor patch
# updates, uncomment the following step.
# CAUTION: The following step may fail if this repo visibility is private.
- name: Request reviews for the PR
if: >
steps.metadata.outputs.update-type != 'version-update:semver-minor' &&
steps.metadata.outputs.update-type != 'version-update:semver-patch'
run: gh pr edit "$PR_URL" --add-reviewer haru52
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# yamllint enable rule:comments-indentation rule:line-length