Test dependabot action

.github/workflows/dependabot_specific.yml

@@ -0,0 +1,114 @@
+# **what?**
+# When dependabot create a PR, it always adds the `dependencies` label. This
+# action will add a corresponding changie yaml file to that PR when that label is added.
+# The file is created off a template:
+#
+# kind: Dependencies
+# body: <PR title>
+# time: <current timestamp>
+# custom:
+#   Author: dependabot
+#   Issue: 4904
+#   PR: <PR number>
+#
+# **why?**
+# Automate changelog generation for more visability with automated dependency updates via dependabot.
+
+# **when?**
+# Once a PR is created and it has been correctly labeled with `dependencies`.  The intended use
+# is for the PRs created by dependabot.  You can also manually trigger this by adding the
+# `dependencies` label at any time.
+
+name: Dependency Changelog
+
+on:
+  pull_request:
+    # catch when the PR is opened with the label or when the label is added
+    types: [opened, labeled]
+
+permissions:
+  contents: write
+  pull-requests: read
+
+jobs:
+  dependency_changelog:
+    if: "contains(github.event.pull_request.labels.*.name, 'dependencies')"
+    runs-on: ubuntu-latest
+
+    steps:
+    # timestamp changes the order the changelog entries are listed in the final Changelog.md file.  Precision is not
+    # important here.
+    # The timestamp on the filename and the timestamp in the contents of the file have different expected formats.
+    - name: Get File Name Timestamp
+      id: filename_time
+      uses: nanzm/get-time-action@v1.1
+      with:
+        format: 'YYYYMMDD-HHmmss'
+
+    - name: Get File Content Timestamp
+      id: file_content_time
+      uses: nanzm/get-time-action@v1.1
+      with:
+        format: 'YYYY-MM-DDTHH:mm:ss.000000-05:00'
+
+    # changie expects files to be named in a specific pattern.
+    - name: Generate Filepath
+      id: fp
+      run: |
+        FILEPATH=.changes/unreleased/Dependencies-${{ steps.filename_time.outputs.time }}.yaml
+        echo "::set-output name=FILEPATH::$FILEPATH"
+
+    - name: Check if changelog file exists already
+      # if there's already a changelog entry, don't add another one!
+      # https://github.com/marketplace/actions/paths-changes-filter
+      # For each filter, it sets output variable named by the filter to the text:
+      #  'true' - if any of changed files matches any of filter rules
+      #  'false' - if none of changed files matches any of filter rules
+      # also, returns:
+      #  `changes` - JSON array with names of all filters matching any of the changed files
+      uses: dorny/paths-filter@v2
+      id: changelog_check
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        filters: |
+          exists:
+            - added: '.changes/unreleased/**.yaml'
+
+    - name: Checkout Branch
+      if: steps.changelog_check.outputs.exists == 'false'
+      uses: actions/checkout@v2
+      with:
+        # specifying the ref avoids checking out the repository in a detached state
+        ref: ${{ github.event.pull_request.head.ref }}
+        # If this is not set to false, Git push is performed with github.token and not the token
+        # configured using the env: GITHUB_TOKEN in commit step
+        persist-credentials: false
+
+    - name: Create file from template
+      if: steps.changelog_check.outputs.exists == 'false'
+      run: |
+        echo kind: Dependencies > "${{ steps.fp.outputs.FILEPATH }}"
+        echo 'body: "${{ github.event.pull_request.title }}"' >> "${{ steps.fp.outputs.FILEPATH }}"
+        echo time: "${{ steps.file_content_time.outputs.time }}" >> "${{ steps.fp.outputs.FILEPATH }}"
+        echo custom: >> "${{ steps.fp.outputs.FILEPATH }}"
+        echo '  Author: ${{ github.event.pull_request.user.login }}' >> "${{ steps.fp.outputs.FILEPATH }}"
+        echo '  Issue: "4904"' >> "${{ steps.fp.outputs.FILEPATH }}"  # github.event.pull_request.issue for auto id?
+        echo '  PR: "${{ github.event.pull_request.number }}"' >> "${{ steps.fp.outputs.FILEPATH }}"
+
+    - name: Commit Changelog File
+      if: steps.changelog_check.outputs.exists == 'false'
+      uses: gr2m/create-or-update-pull-request-action@v1
+      env:
+        # When using the GITHUB_TOKEN, the resulting commit will not trigger another GitHub Actions
+        # Workflow run. This is due to limitations set by GitHub.
+        # See: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow
+        # When you use the repository's GITHUB_TOKEN to perform tasks on behalf of the GitHub Actions
+        # app, events triggered by the GITHUB_TOKEN will not create a new workflow run. This prevents
+        # you from accidentally creating recursive workflow runs. To get around this, use a Personal
+        # Access Token to commit changes.
+        GITHUB_TOKEN: ${{ secrets.EMMYOOP_BOT }}
+      with:
+        branch: ${{ github.event.pull_request.head.ref }}
+        # author expected in the format "Lorem J. Ipsum <lorem@example.com>"
+        author: "emmyoop bot <emilyhayne@gmail.com>"
+        commit-message: "Add automated changelog yaml from template"