File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1- # https://docs.github.com/en/code-security/tutorials/secure-your-dependencies/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
1+ # Auto-merge Dependabot PRs after CI passes.
2+ # Triggers on push to dependabot/* branches so it does NOT appear as a PR check.
23name : Dependabot auto-merge
3- on : pull_request_target
4+ on :
5+ push :
6+ branches :
7+ - ' dependabot/**'
48
59permissions :
610 contents : write
@@ -9,15 +13,13 @@ permissions:
913jobs :
1014 dependabot :
1115 runs-on : ubuntu-latest
12- if : github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'graphql-java/graphql-java'
16+ if : github.actor == 'dependabot[bot]' && github.repository == 'graphql-java/graphql-java'
1317 steps :
14- - name : Dependabot metadata
15- id : metadata
16- uses : dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7
17- with :
18- github-token : " ${{ secrets.GITHUB_TOKEN }}"
1918 - name : Enable auto-merge for Dependabot PRs
20- run : gh pr merge --auto --squash "$PR_URL"
19+ run : |
20+ PR_URL=$(gh pr list --head "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --json url --jq '.[0].url')
21+ if [ -n "$PR_URL" ]; then
22+ gh pr merge --auto --squash "$PR_URL"
23+ fi
2124env :
22- PR_URL : ${{ github.event.pull_request.html_url }}
2325 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
You can’t perform that action at this time.
0 commit comments