Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add dependabot auto merge workflow #99

Merged
merged 7 commits into from
Aug 14, 2024
Merged

Add dependabot auto merge workflow #99

merged 7 commits into from
Aug 14, 2024

Conversation

eliihen
Copy link
Contributor

@eliihen eliihen commented Aug 14, 2024
edited
Loading

Adds new reusable workflow that allows automatically merging PRs from dependabot that matches given patterns.

Example usage in .github/workflows/auto-merge.yml:

name: Dependabot auto-merge
on: pull_request_target

jobs:
  auto-merge-dependabot:
    permissions:
      id-token: write
      contents: write
      pull-requests: write
    uses: kartverket/github-workflows/.github/workflows/auto-merge-dependabot.yml@add-dependabot-merge

Example configfile in .github/auto-update.json:

[{
  "match": {
    "dependency_name": "hashicorp/google",
    "update_type": "semver:minor"
  }
}, {
  "match": {
    "dependency_name": "hashicorp/google-beta",
    "update_type": "semver:minor"
  }
}]

See working example in https://github.com/kartverket/gcp-service-accounts/pull/402.

Requires usage of newer branch rulesets (NOT older branch protection rules) so that one can exclude octo-sts from the rule and it can merge the PR.

image

@eliihen eliihen self-assigned this Aug 14, 2024
@eliihen eliihen marked this pull request as ready for review August 14, 2024 10:43
@eliihen eliihen requested a review from a team as a code owner August 14, 2024 10:43
martinhny
martinhny approved these changes Aug 14, 2024
View reviewed changes
Copy link
Contributor

@martinhny martinhny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pretty cool!

@eliihen eliihen merged commit 322f4ba into main Aug 14, 2024
@eliihen eliihen deleted the add-dependabot-merge branch August 14, 2024 12:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evenh evenh evenh approved these changes

@martinhny martinhny martinhny approved these changes

@SnorreSelmer SnorreSelmer Awaiting requested review from SnorreSelmer SnorreSelmer is a code owner automatically assigned from kartverket/skip

@berg-thom berg-thom Awaiting requested review from berg-thom berg-thom is a code owner automatically assigned from kartverket/skip

Assignees

@eliihen eliihen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@eliihen @evenh @martinhny