From fa2748aec431ab6fd13c05e6d2f4afccfa1a02dc Mon Sep 17 00:00:00 2001 From: Sebastian Serth Date: Mon, 7 Dec 2020 18:26:09 +0100 Subject: [PATCH] Use dependabot via GitHub actions --- .github/dependabot.yml | 22 ++++++++++++++++++++++ .github/workflows/dependabot.yml | 25 +++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..4b5314d6 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,22 @@ +version: 2 + +updates: + - package-ecosystem: bundler + directory: "/" + schedule: + interval: daily + time: "09:00" + timezone: UTC + labels: + - dependencies + - ruby + + - package-ecosystem: npm + directory: "/" + schedule: + interval: daily + time: "09:00" + timezone: UTC + labels: + - dependencies + - javascript diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml new file mode 100644 index 00000000..13b35a43 --- /dev/null +++ b/.github/workflows/dependabot.yml @@ -0,0 +1,25 @@ +name: Dependabot Automerge Check +on: + - pull_request + +jobs: + worker: + runs-on: ubuntu-latest + steps: + - name: Automerge dependabot dependencies + uses: actions/github-script@v3 + if: github.actor == 'dependabot[bot]' + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + github.pullRequests.createReview({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + pull_number: context.payload.pull_request.number, + event: 'APPROVE' + }) + github.pullRequests.merge({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + pull_number: context.payload.pull_request.number + })