From 91e463ff007848f88786954d7ccdef2098fe6680 Mon Sep 17 00:00:00 2001 From: =?utf8?q?John=20Molakvo=C3=A6=20=28skjnldsv=29?= Date: Mon, 7 Sep 2020 11:43:49 +0200 Subject: [PATCH] Move to automated dependabot merging MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: John Molakvoæ (skjnldsv) --- .github/dependabot.yml | 92 +++++++++++++++++++ .../workflows/dependabot-approve-merge.yml | 19 ++++ 2 files changed, 111 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/dependabot-approve-merge.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000000..ab959ecac6e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,92 @@ +version: 2 +updates: +# Linting and coding style +- package-ecosystem: composer + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Main master npm +- package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Testing master npm +- package-ecosystem: npm + directory: "/build" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Testing master composer +- package-ecosystem: composer + directory: "/build/integration" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + + +# Main stableXX npm +- package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + # Only allow updates to the lockfile + versioning-strategy: lockfile-only + target-branch: + - stable19 + - stable18 + - stable17 + labels: + - 3. to review + - "feature: dependencies" + +# Testing StableXX composer +- package-ecosystem: composer + directory: "/build/integration" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + # Only allow updates to the lockfile + versioning-strategy: lockfile-only + target-branch: + - stable19 + - stable18 + - stable17 + labels: + - 3. to review + - "feature: dependencies" diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml new file mode 100644 index 00000000000..201d7f5ebf2 --- /dev/null +++ b/.github/workflows/dependabot-approve-merge.yml @@ -0,0 +1,19 @@ +name: Dependabot +on: pull_request + +jobs: + auto-merge: + runs-on: ubuntu-latest + steps: + # Default github action approve + - uses: hmarr/auto-approve-action@v2.0.0 + if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + # Nextcloud bot approve and merge request + - uses: ahmadnassri/action-dependabot-auto-merge@v1 + if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' + with: + target: patch + github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }} -- 2.39.5