Skip to content

Commit

Permalink
ci: Add dependabot.
Browse files Browse the repository at this point in the history
  • Loading branch information
ryohidaka committed Sep 7, 2024
1 parent 0604cf5 commit 267fb73
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 0 deletions.
15 changes: 15 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/sample-project" # Location of package manifests
schedule:
interval: "weekly"
groups:
dependencies:
patterns:
- "*"
28 changes: 28 additions & 0 deletions .github/workflows/dependabot-auto-merge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: Dependabot auto-merge
on: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
dependabot-auto-merge:
runs-on: ubuntu-latest

if: ${{ github.actor == 'dependabot[bot]' }}

steps:
- name: Dependabot metadata
id: metadata

uses: dependabot/[email protected]
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"

- name: Enable auto-merge for Dependabot PRs

if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' }}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

0 comments on commit 267fb73

Please sign in to comment.