Auto merge dependabot PR after all checks have passed
I want to auto-merge Dependabot PR once all checks(or workflows) on Dependabot PR have been passed.
Currently, I am using this logic to trigger auto-merge action:
on:
workflow_run:
workflows: ["Lint and Unit tests"]
types:
- completed
Once all checks are passed on the Dependabot PR it triggers the auto-merge workflow but the issue is that it does not work due to a lack of pull_request payload in the workflow.
Errors and warnings on auto-merge workflow:
Solution
Following workflow does it for us:
name: Dependabot auto-merge
on:
pull_request_target:
types: [review_requested]
permissions:
contents: write
pull-requests: write
packages: read
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.3.4
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
skip-commit-verification: true
- name: Checkout repository
uses: actions/checkout@v3
- name: Approve a PR if not already approved
run: |
gh pr checkout "$PR_URL"
if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ];
then
gh pr review --approve "$PR_URL"
else
echo "PR already approved.";
fi
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Enable auto-merge for Dependabot PRs
if: ${{ contains(github.event.pull_request.title, 'bump')}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.RELEASE_TOKEN}}
Where RELEASE_TOKEN has extended scopes (workflow, write:packages, admin:org), branch protection is activated (review is required), dependabot is configured to have 'reviewers:' set, auto merge is enabled at org and repo level.
- How to escape a '#' so it will NOT reference an issue in a GitHub comment?
- Git : fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists
- Stuck at push, nothing happens
- hiding secret key in django project on github after uploading project
- Linking to other Wiki pages on GitHub?
- How to git pull rebase when I have deleted files locally?
- How do I check how git was installed on OS X?
- How to configure titles for workflow runs?
- How can I see my git secrets unencrypted?
- Why does git submodule update fail with "fatal: remote error: upload-pack: not our ref"?
- Watch GitHub Actions workflow output in CLI?
- Github REST API - Retrieve Pull Request comments under "Conversation" section
- Integrate RPGLE from GitHub to iSeries (IBM i)
- Can't push to GitHub because of large file which I already deleted
- How can I remove a Git branch locally?
- Image not showing up in README.md on GitHub
- List remote branches - git branch -a vs git ls-remote --heads origin
- How to remove file from Git history?
- How to fix .vscode tracking in gitignore
- Find out the admin(s) for a git repo
- GitHub Contributions in the last year changed it's color from green to orange
- Can not connect GitHub Copilot to my Visual Studio
- module jdk.compiler does not "opens com.sun.tools.javac.processing" to unnamed module @4bae33a6
- Identify all repositories which just have a master branch
- Code not pushing into a private repository
- Unable to find current revision in submodule path
- How do I implement social login with GitHub accounts?
- How to manage application.properties in Github CI/CD
- Error: "1824 bytes of body are still expected" while cloning repository from GitHub
- GitHub - Pull changes from a template repository