-
Notifications
You must be signed in to change notification settings - Fork 6
42 lines (36 loc) · 1.12 KB
/
dependabot_automerge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Set permissions to auto-merge updates.
# Note: this is not very secure.
# Other note: Most actions that claim to do this are broken, many hour spent here
# https://github.com/marketplace/actions/github-action-merge-dependabot
name: automerge
on: [pull_request]
jobs:
automerge:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
steps:
- uses: fastify/[email protected]
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
# broke as hecc
# name: Dependabot auto-merge
# on: pull_request
# permissions:
# contents: write
# jobs:
# dependabot:
# runs-on: ubuntu-latest
# if: ${{ github.actor == 'dependabot[bot]' }}
# steps:
# - name: Dependabot metadata
# id: metadata
# uses: dependabot/[email protected]
# with:
# github-token: "${{ secrets.GITHUB_TOKEN }}"
# - name: Enable auto-merge for Dependabot PRs
# run: gh pr merge --auto --merge "$PR_URL"
# env:
# PR_URL: ${{github.event.pull_request.html_url}}
# GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}