1+ name : Dependabot PR auto-merge
2+
3+ on :
4+ workflow_run :
5+ workflows : [on-pull-request]
6+ types : ["completed"]
7+
8+ jobs :
9+ auto-merge :
10+ name : Auto-merge
11+ runs-on : ubuntu-latest
12+ # Run this only when the previous workflow was successfull & the initial actor was dependabot
13+ if : ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'dependabot[bot]' }}
14+ steps :
15+ - uses : actions/checkout@v2
16+ - name : Download PR artifact
17+ 18+ with :
19+ script : |
20+ const fs = require('fs');
21+
22+ // Get all artifacts
23+ const artifacts = await github.actions.listWorkflowRunArtifacts({
24+ owner: context.repo.owner,
25+ repo: context.repo.repo,
26+ run_id: ${{github.event.workflow_run.id }},
27+ });
28+
29+ // Identify the artifact of the PR
30+ const matchArtifact = artifacts.data.artifacts.filter((artifact) => {
31+ return artifact.name == "pr"
32+ })[0];
33+
34+ // Download the actual artifact
35+ const download = await github.actions.downloadArtifact({
36+ owner: context.repo.owner,
37+ repo: context.repo.repo,
38+ artifact_id: matchArtifact.id,
39+ archive_format: 'zip',
40+ });
41+
42+ // Write it to disk
43+ fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
44+ name : Unzip artifact
45+ run : unzip pr.zip
46+ - name : Merge PR
47+ uses : actions/github-script@v3
48+ with :
49+ script : |
50+ const fs = require('fs');
51+ const pullNumber = Number(fs.readFileSync('./NR'));
52+
53+ // Create a review
54+ github.pulls.createReview({
55+ owner: context.payload.repository.owner.login,
56+ repo: context.payload.repository.name,
57+ pull_number: pullNumber,
58+ event: 'APPROVE'
59+ })
60+
61+ // Merge PR
62+ github.pulls.merge({
63+ owner: context.payload.repository.owner.login,
64+ repo: context.payload.repository.name,
65+ pull_number: pullNumber,
66+ merge_method: 'squash'
67+ })
68+ github-token : ${{ secrets.GITHUB_TOKEN }}
0 commit comments