2rabs/nito-app

View on GitHub
.github/workflows/dependabot-auto-merge.yml

Summary

Maintainability
Test Coverage
name: "Dependabot auto-merge"

on:
  pull_request: ~

permissions:
  contents: write
  pull-requests: write

jobs:
  dependabot:
    runs-on: ubuntu-24.04
    if: github.actor == 'dependabot[bot]'
    steps:
      # https://github.com/marketplace/actions/create-github-app-token
      - name: Create GitHub App Token
        uses: actions/create-github-app-token@v1.11.0
        id: app-token
        with:
          app-id: ${{ vars.BOT_APP_ID }}
          private-key: ${{ secrets.BOT_PRIVATE_KEY }}

      # https://github.com/marketplace/actions/fetch-metadata-from-dependabot-prs
      - name: Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@v2.2.0
        with:
          github-token: "${{ steps.app-token.outputs.token }}"

      - name: Enable auto-merge for Dependabot PRs
        if: |
          steps.metadata.outputs.update-type == 'version-update:semver-patch' ||
          steps.metadata.outputs.update-type == 'version-update:semver-minor'
        run: |
          gh pr review --approve "$PR_URL"
          gh pr merge --auto --merge "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GH_TOKEN: ${{ steps.app-token.outputs.token }}