Use dependabot via GitHub actions
This commit is contained in:
22
.github/dependabot.yml
vendored
Normal file
22
.github/dependabot.yml
vendored
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
version: 2
|
||||||
|
|
||||||
|
updates:
|
||||||
|
- package-ecosystem: bundler
|
||||||
|
directory: "/"
|
||||||
|
schedule:
|
||||||
|
interval: daily
|
||||||
|
time: "09:00"
|
||||||
|
timezone: UTC
|
||||||
|
labels:
|
||||||
|
- dependencies
|
||||||
|
- ruby
|
||||||
|
|
||||||
|
- package-ecosystem: npm
|
||||||
|
directory: "/"
|
||||||
|
schedule:
|
||||||
|
interval: daily
|
||||||
|
time: "09:00"
|
||||||
|
timezone: UTC
|
||||||
|
labels:
|
||||||
|
- dependencies
|
||||||
|
- javascript
|
25
.github/workflows/dependabot.yml
vendored
Normal file
25
.github/workflows/dependabot.yml
vendored
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
name: Dependabot Automerge Check
|
||||||
|
on:
|
||||||
|
- pull_request
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
worker:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Automerge dependabot dependencies
|
||||||
|
uses: actions/github-script@v3
|
||||||
|
if: github.actor == 'dependabot[bot]'
|
||||||
|
with:
|
||||||
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
script: |
|
||||||
|
github.pullRequests.createReview({
|
||||||
|
owner: context.payload.repository.owner.login,
|
||||||
|
repo: context.payload.repository.name,
|
||||||
|
pull_number: context.payload.pull_request.number,
|
||||||
|
event: 'APPROVE'
|
||||||
|
})
|
||||||
|
github.pullRequests.merge({
|
||||||
|
owner: context.payload.repository.owner.login,
|
||||||
|
repo: context.payload.repository.name,
|
||||||
|
pull_number: context.payload.pull_request.number
|
||||||
|
})
|
Reference in New Issue
Block a user