From 0ac90c1f2bdd6c7833739643e163be85334e4546 Mon Sep 17 00:00:00 2001 From: Marcin Grzejszczak Date: Mon, 3 Feb 2025 10:15:47 +0100 Subject: [PATCH 1/3] Update dependabot-automerge.yml Signed-off-by: Marcin Grzejszczak --- .github/workflows/dependabot-automerge.yml | 38 ++++++++-------------- 1 file changed, 13 insertions(+), 25 deletions(-) diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index a10b230f..65209736 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -1,30 +1,18 @@ -name: Dependabot auto-merge +name: Merge Dependabot PR + on: pull_request: - workflow_dispatch: # Enables manual trigger + branches: + - main + - '*.x' + +run-name: Merge Dependabot PR ${{ github.ref_name }} jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{github.event.pull_request.user.login == 'dependabot[bot]' && github.event_name == 'pull_request'}} - steps: - - name: Set merge target - id: set-target - run: | - if [ "${{ github.event.pull_request.base.ref }}" = "main" ]; then - echo "target=minor" >> $GITHUB_OUTPUT - else - echo "target=patch" >> $GITHUB_OUTPUT - fi + merge-dependabot-pr: + permissions: write-all - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v2 - with: - github-token: "${{ secrets.GH_ACTIONS_REPO_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - if: steps.metadata.outputs.update-type == format('version-update:semver-{0}', steps.set-target.outputs.target) - run: gh pr merge --auto --merge "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GH_TOKEN: ${{secrets.GH_ACTIONS_REPO_TOKEN}} + uses: spring-io/spring-github-workflows/.github/workflows/spring-merge-dependabot-pr.yml@v5 + with: + mergeArguments: --auto --squash + autoMergeSnapshots: true From cd7ef9e7fe5cf6370d78e5d67ed55af959607d5e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 10:18:27 +0100 Subject: [PATCH 2/3] Bump me.champeau.jmh:jmh-gradle-plugin from 0.7.2 to 0.7.3 (#951) Bumps me.champeau.jmh:jmh-gradle-plugin from 0.7.2 to 0.7.3. --- updated-dependencies: - dependency-name: me.champeau.jmh:jmh-gradle-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index eac92ee4..05eee57c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -71,6 +71,6 @@ plugin-nebulaInfo = { module = "com.netflix.nebula:gradle-info-plugin", version plugin-noHttp = { module = "io.spring.nohttp:nohttp-gradle", version = "0.0.11" } plugin-nexusPublish = { module = "io.github.gradle-nexus:publish-plugin", version = "1.3.0" } plugin-javaformat = { module = "io.spring.javaformat:spring-javaformat-gradle-plugin", version = "0.0.43" } -plugin-jmh = { module = "me.champeau.jmh:jmh-gradle-plugin", version = "0.7.2" } +plugin-jmh = { module = "me.champeau.jmh:jmh-gradle-plugin", version = "0.7.3" } plugin-spring-antora = { module = "io.spring.gradle.antora:spring-antora-plugin", version = "0.0.1" } plugin-antora = { module = "org.antora:gradle-antora-plugin", version = "1.0.0" } From e1299d48f0c9f4f01e0b00b10c69b28b4579d76b Mon Sep 17 00:00:00 2001 From: Marcin Grzejszczak Date: Wed, 5 Feb 2025 11:23:51 +0100 Subject: [PATCH 3/3] Pins to a commit for dependabot merge, otherwise milestones are wrongly set --- .github/workflows/dependabot-automerge.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index 65209736..127c0d0a 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -12,7 +12,8 @@ jobs: merge-dependabot-pr: permissions: write-all - uses: spring-io/spring-github-workflows/.github/workflows/spring-merge-dependabot-pr.yml@v5 + # Until v6 is released + uses: spring-io/spring-github-workflows/.github/workflows/spring-merge-dependabot-pr.yml@3f3e2c6aee0c7a371b5c1b0f890fd43a70a39769 with: mergeArguments: --auto --squash autoMergeSnapshots: true