feat(grants): Forecasted UI - - MERGE AFTER PR # 3456 #7090
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Automatically approves pull requests if: | |
# 1. The PR was opened by Dependabot | |
# 2. The dependency's semantic versioning change is either minor or patch (not major) | |
name: Dependabot auto-approve | |
on: pull_request_target | |
permissions: | |
pull-requests: write | |
contents: write | |
jobs: | |
dependabot: | |
runs-on: ubuntu-latest | |
if: ${{ github.actor == 'dependabot[bot]' }} | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
- name: Dependabot metadata | |
id: dependabot-metadata | |
uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 | |
- name: Approve a PR if dependency semver changes are minor or patch | |
if: ${{ contains(fromJson('["version-update:semver-patch", "version-update:semver-minor"]'), steps.dependabot-metadata.outputs.update-type) }} | |
run: gh pr review --approve "$PR_URL" | |
env: | |
PR_URL: ${{ github.event.pull_request.html_url }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Enable auto-merge if dependency semver changes are minor or patch | |
if: ${{ contains(fromJson('["version-update:semver-patch", "version-update:semver-minor"]'), steps.dependabot-metadata.outputs.update-type) }} | |
run: | | |
echo "Enabling auto-merge for Dependabot $UPDATE_TYPE" | |
gh pr merge --auto --squash "$PR_URL" | |
env: | |
PR_URL: ${{ github.event.pull_request.html_url }} | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
UPDATE_TYPE: ${{ steps.dependabot-metadata.outputs.update-type }} |