Skip to content

Bump lewagon/wait-on-check-action from 1.4.1 to 1.7.0 #543

Bump lewagon/wait-on-check-action from 1.4.1 to 1.7.0

Bump lewagon/wait-on-check-action from 1.4.1 to 1.7.0 #543

name: Auto Merge Dependabot PRs
on:
pull_request_target:
types:
- opened
- reopened
- synchronize
- auto_merge_enabled
- auto_merge_disabled
branches:
- main
permissions:
contents: write
pull-requests: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- name: Wait all checks
uses: lewagon/wait-on-check-action@v1.7.0
with:
ref: ${{ github.event.pull_request.head.sha }}
check-name: final_check
wait-interval: 10
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v3
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Add a label for all production dependencies
if: steps.metadata.outputs.dependency-type == 'direct:production'
run: gh pr edit "$PR_URL" --add-label "production"
env:
PR_URL: ${{github.event.pull_request.html_url}}
- name: Enable auto-merge for Dependabot PRs
# steps.dependabot-metadata.outputs.update-type:
# The highest semver change being made by this PR,
# e.g. version-update:semver-major.
# For all possible values, see the ignore documentation.
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#ignore
if: contains(steps.metadata.outputs.update-type, 'version-update:semver')
run: gh pr merge --auto --squash ${{ github.event.pull_request.html_url }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}