diff --git a/.github/renovate.json b/.github/renovate.json index 715e64bd..8a2fa40f 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,4 +1,5 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": ["github>GoogleCloudPlatform/cloud-foundation-toolkit//infra/terraform/test-org/github/resources/renovate"] + "extends": ["github>GoogleCloudPlatform/cloud-foundation-toolkit//infra/terraform/test-org/github/resources/renovate"], + "automerge": true } diff --git a/.github/workflows/dependabot-automation.yaml b/.github/workflows/dependabot-automation.yaml new file mode 100644 index 00000000..4a6cc788 --- /dev/null +++ b/.github/workflows/dependabot-automation.yaml @@ -0,0 +1,45 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: Dependabot automation + +on: # yamllint disable-line rule:truthy + pull_request: + types: + - opened + - synchronize + +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + steps: + - name: Fetch Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve the PR + run: gh pr review --approve "${PR_URL}" + - name: Enable auto-merge for PRs + run: gh pr merge --auto --squash --delete-branch "${PR_URL}" +...