Add dependabot automerge #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: TA2MAi Auto-merge | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| checks: read | |
| jobs: | |
| dependabot-automerge: | |
| runs-on: ubuntu-latest | |
| if: github.actor == 'TA2MA-bot[bot]' | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v1.6.0 | |
| with: | |
| github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - name: Wait for status checks | |
| uses: lewagon/wait-on-check-action@v1.3.1 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| check-name: 'build' # This matches the job name in proof-html.yml | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| wait-interval: 10 | |
| - name: Enable auto-merge for patch and minor updates | |
| if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' | |
| run: gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Comment on major version updates | |
| if: steps.metadata.outputs.update-type == 'version-update:semver-major' | |
| run: | | |
| gh pr comment "$PR_URL" --body "🚨 **Major version update detected!** | |
| This PR contains a major version update that may include breaking changes. Please review manually before merging. | |
| If you're confident this update is safe, you can merge it manually or uncomment the auto-merge line in the workflow." | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |