From 7329bfd165ed26634e04eff2f29a32f1738db784 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bartosz=20J=C4=99drecki?= Date: Mon, 1 Sep 2025 21:55:21 +0200 Subject: [PATCH 1/4] Add auto-approve&merge workflow for dependabot --- .github/workflows/dbot-auto-merge.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/dbot-auto-merge.yml diff --git a/.github/workflows/dbot-auto-merge.yml b/.github/workflows/dbot-auto-merge.yml new file mode 100644 index 00000000..f1b092db --- /dev/null +++ b/.github/workflows/dbot-auto-merge.yml @@ -0,0 +1,23 @@ +# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions +name: Dependabot auto-approve and merge +on: pull_request + +permissions: + pull-requests: write + +env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + dependabot: + runs-on: ubuntu-latest + if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'splunk/splunk-sdk-python' + steps: + - name: Dependabot metadata + uses: dependabot/fetch-metadata@496eb7a6d053154f00e01044ab472077386f5a35 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve and auto-merge + run: | + gh pr review --approve "${{ github.event.pull_request.html_url }}" + gh pr merge --auto --merge "${{ github.event.pull_request.html_url }}" From 9e81ea4f9086d33b244c707215d67cf5f8e59700 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bartosz=20J=C4=99drecki?= Date: Mon, 1 Sep 2025 22:01:43 +0200 Subject: [PATCH 2/4] Change GHA job name --- .github/workflows/dbot-auto-merge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dbot-auto-merge.yml b/.github/workflows/dbot-auto-merge.yml index f1b092db..5acf7350 100644 --- a/.github/workflows/dbot-auto-merge.yml +++ b/.github/workflows/dbot-auto-merge.yml @@ -9,7 +9,7 @@ env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - dependabot: + auto-merge-dependabot: runs-on: ubuntu-latest if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'splunk/splunk-sdk-python' steps: From f71df890ccc165e93162ca19400ffece64eff3c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bartosz=20J=C4=99drecki?= Date: Mon, 1 Sep 2025 22:10:16 +0200 Subject: [PATCH 3/4] Refactoring --- .github/workflows/dbot-auto-merge.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/dbot-auto-merge.yml b/.github/workflows/dbot-auto-merge.yml index 5acf7350..8d7187c4 100644 --- a/.github/workflows/dbot-auto-merge.yml +++ b/.github/workflows/dbot-auto-merge.yml @@ -1,23 +1,21 @@ # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions -name: Dependabot auto-approve and merge +name: Dependabot auto-merge on: pull_request - permissions: pull-requests: write - env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: auto-merge-dependabot: runs-on: ubuntu-latest - if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'splunk/splunk-sdk-python' + if: github.event.pull_request.user.login == 'dependabot[bot]' steps: - - name: Dependabot metadata + - name: Fetch dependency metadata uses: dependabot/fetch-metadata@496eb7a6d053154f00e01044ab472077386f5a35 with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Approve and auto-merge - run: | - gh pr review --approve "${{ github.event.pull_request.html_url }}" - gh pr merge --auto --merge "${{ github.event.pull_request.html_url }}" + github-token: ${{ secrets.GITHUB_TOKEN }} + - name: Approve PR + run: gh pr review --approve "${{ github.event.pull_request.html_url }}" + - name: Merge PR + run: gh pr merge --auto --merge "${{ github.event.pull_request.html_url }}" From 91f14c6a0b73c2f77bb8f14ca34bde0602378518 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bartosz=20J=C4=99drecki?= Date: Mon, 1 Sep 2025 22:11:49 +0200 Subject: [PATCH 4/4] Revert not skipping action in forks --- .github/workflows/dbot-auto-merge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dbot-auto-merge.yml b/.github/workflows/dbot-auto-merge.yml index 8d7187c4..d9cf0da4 100644 --- a/.github/workflows/dbot-auto-merge.yml +++ b/.github/workflows/dbot-auto-merge.yml @@ -9,7 +9,7 @@ env: jobs: auto-merge-dependabot: runs-on: ubuntu-latest - if: github.event.pull_request.user.login == 'dependabot[bot]' + if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'splunk/splunk-sdk-python' steps: - name: Fetch dependency metadata uses: dependabot/fetch-metadata@496eb7a6d053154f00e01044ab472077386f5a35