-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
7 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,23 +5,20 @@ on: | |
| workflow_call: | ||
| secrets: | ||
| app_id: | ||
| required: false | ||
| required: true | ||
| private_key: | ||
| required: false | ||
| required: true | ||
|
|
||
| jobs: | ||
| dependabot: | ||
|
|
||
| name: auto-merge | ||
| runs-on: ubuntu-22.04 | ||
| if: github.actor == 'dependabot[bot]' | ||
|
|
||
| env: | ||
| USING_APP_CREDENTIALS: ${{ secrets.app_id != '' && secrets.private_key != '' }} | ||
| if: github.actor == 'dependabot[bot]' | ||
|
|
||
| steps: | ||
| - name: Get App Token | ||
| if: ${{ env.USING_APP_CREDENTIALS == 'true' }} | ||
| uses: tibdex/[email protected] | ||
| id: get_token | ||
| with: | ||
|
|
@@ -32,7 +29,7 @@ jobs: | |
| id: metadata | ||
| uses: dependabot/fetch-metadata@v1 | ||
| with: | ||
| github-token: ${{ env.USING_APP_CREDENTIALS == 'true' && steps.get_token.outputs.token || secrets.GITHUB_TOKEN }} | ||
| github-token: ${{ steps.get_token.outputs.token }} | ||
|
|
||
| - name: Enable auto-merge for Dependabot PRs | ||
| if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' | ||
|
|
@@ -41,4 +38,4 @@ jobs: | |
| gh pr merge --auto --merge "$PR_URL" | ||
| env: | ||
| PR_URL: ${{ github.event.pull_request.html_url }} | ||
| GITHUB_TOKEN: ${{ env.USING_APP_CREDENTIALS == 'true' && steps.get_token.outputs.token || secrets.GITHUB_TOKEN }} | ||
| GITHUB_TOKEN: ${{ steps.get_token.outputs.token }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -29,24 +29,6 @@ In this section you can find examples of how to use template workflows. For more | |
| <summary>The action can be used to auto-merge a dependabot PR with minor and patch updates.</summary> | ||
| The action is called by creating a PR. It is necessary that the repository is enabled for auto-merge. | ||
| There are two possibilities to enable the action. | ||
| First, you can use the general GitHub token but the actions does not run on the default branch. | ||
| ```yml | ||
| name: Enable Dependabot Auto-Merge | ||
|
|
||
| on: pull_request | ||
|
|
||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
|
|
||
| jobs: | ||
| dependabot: | ||
| uses: Staffbase/gha-workflows/.github/workflows/[email protected] | ||
| ``` | ||
| Or you can use a specific GitHub app id and private key to generate a new token which can be used for the action. | ||
| ```yml | ||
| name: Enable Dependabot Auto-Merge | ||
|
|
@@ -57,9 +39,9 @@ jobs: | |
| dependabot: | ||
| uses: Staffbase/gha-workflows/.github/workflows/[email protected] | ||
| secrets: | ||
| # optional: identifier of the GitHub App for authentication | ||
| # identifier of the GitHub App for authentication | ||
| app_id: ${{ <your-app-id> }} | ||
| # optional: private key of the GitHub App | ||
| # private key of the GitHub App | ||
| private_key: ${{ <your-private-key> }} | ||
| ``` | ||
|
|
||