diff --git a/.github/workflows/update-lock-file.yml b/.github/workflows/update-lock-file.yml new file mode 100644 index 000000000..da41ab5d7 --- /dev/null +++ b/.github/workflows/update-lock-file.yml @@ -0,0 +1,54 @@ +name: '[dependabot] Update NuGet lock file' + +on: + pull_request: + types: [labeled, opened, synchronize, reopened] + branches: [ main ] + +permissions: + pull-requests: write + contents: write + +jobs: + update-lock-file: + runs-on: ubuntu-latest + + if: ${{ (github.actor == 'dependabot[bot]' && github.event.action != 'labeled') || (github.event.action == 'labeled' && github.event.label.name == 'ci:update-lockfile') }} + steps: + - name: Dependabot metadata + if: ${{ github.actor == 'dependabot[bot]' }} + id: metadata + uses: dependabot/fetch-metadata@v2.2.0 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - uses: actions/checkout@v4 + if: ${{ github.actor == 'dependabot[bot]' && steps.metadata.outputs.package-ecosystem == 'nuget' || github.event.action == 'labeled' }} + with: + ref: ${{ github.head_ref }} + - name: Setup .NET + if: ${{ github.actor == 'dependabot[bot]' && steps.metadata.outputs.package-ecosystem == 'nuget' || github.event.action == 'labeled' }} + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 8.0.x + - name: Restore dependencies + if: ${{ github.actor == 'dependabot[bot]' && steps.metadata.outputs.package-ecosystem == 'nuget' || github.event.action == 'labeled' }} + run: dotnet restore + - uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: "chore: update NugGet lock file" + file_pattern: '*/packages.lock.json' + - name: Remove PR trigger label + if: ${{ github.event.action == 'labeled'}} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: actions/github-script@v7 + with: + script: | + try { + await github.rest.issues.removeLabel({ + owner: '${{github.repository_owner}}', + repo: '${{github.event.repository.name}}', + issue_number: ${{github.event.pull_request.number}}, + name: '${{github.event.label.name}}' + }); + } catch(e){}