Auto Merge Dependabot PRs #52

Workflow file for this run

.github/workflows/auto-merge-dependabot.yml at d420230

	name: Auto Merge Dependabot PRs

	on:
	schedule:
	# Run daily at 04:00 UTC since dependabot runs at 03:00 UTC
	- cron: '0 4 * * *'
	workflow_dispatch: # Allow manual trigger

	permissions:
	contents: write
	pull-requests: write

	# This workflow uses a GitHub App token to approve and merge Dependabot PRs
	# The token is created using the `actions/create-github-app-token` action
	# The token is used so that the updates are made by the GitHub App instead of Github Actions
	# and will show up as such in the PR comments and history
	# In addition, the token is scoped to only the permissions needed for this workflow
	# see https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow for details

	jobs:
	auto-merge-dependabot:
	runs-on: ubuntu-latest
	steps:

	# Gets the GitHub App token
	- uses: actions/create-github-app-token@v2
	id: get-app-token
	with:
	# required
	app-id: ${{ secrets.DEPENDABOT_APP_ID }}
	private-key: ${{ secrets.DEPENDABOT_APP_KEY }}
	permission-pull-requests: write
	permission-contents: write

	- name: Checkout code
	uses: actions/checkout@v4
	with:
	token: ${{ steps.get-app-token.outputs.token }}
	persist-credentials: false

	- name: Setup GitHub CLI
	run: \|
	# GitHub CLI is pre-installed on GitHub-hosted runners
	gh --version

	- name: Make script executable
	run: chmod +x ./dev/auto-approve-dependabot.sh

	- name: Run auto approve script
	env:
	GITHUB_TOKEN: ${{ steps.get-app-token.outputs.token }}
	run: ./dev/auto-approve-dependabot.sh ${{ github.repository }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Auto Merge Dependabot PRs #52

Workflow file

Auto Merge Dependabot PRs #52

Uh oh!

Jobs

Run details

Workflow file for this run