mirror of
https://github.com/sharkdp/bat.git
synced 2025-09-01 10:52:24 +01:00
Stop auto-merge dependabot PRs
Our CI runs a fair amount of unaudited third party code. I'd like to stop using my Personal Access Token until we have had time to security harden our CI.
This commit is contained in:
23
.github/workflows/Auto-merge-dependabot-PRs.yml
vendored
23
.github/workflows/Auto-merge-dependabot-PRs.yml
vendored
@@ -1,23 +0,0 @@
|
||||
# This workflow triggers auto-merge of any PR that dependabot creates so that
|
||||
# PRs will be merged automatically without maintainer intervention if CI passes
|
||||
name: Auto-merge dependabot PRs
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
types: [opened]
|
||||
|
||||
jobs:
|
||||
auto-merge:
|
||||
if: github.repository == 'sharkdp/bat' && startsWith(github.head_ref, 'dependabot/')
|
||||
runs-on: ubuntu-latest
|
||||
environment:
|
||||
name: auto-merge
|
||||
url: https://github.com/sharkdp/bat/blob/main/.github/workflows/Auto-merge-dependabot-PRs.yml
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.AUTO_MERGE_GITHUB_TOKEN }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- run: |
|
||||
gh pr review ${{ github.event.pull_request.number }} --comment --body "If CI passes, this dependabot PR will be [auto-merged](https://github.com/sharkdp/bat/blob/main/.github/workflows/Auto-merge-dependabot-PRs.yml) 🚀"
|
||||
- run: |
|
||||
gh pr merge --auto --squash ${{ github.event.pull_request.number }}
|
Reference in New Issue
Block a user