dependabot.yml
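# smoelius: This workflow is largely based on:
# https://docs.github.com/en/actions/managing-issues-and-pull-requests/adding-labels-to-issues#creating-the-workflow
name: Dependabot workflow
on: [pull_request]
jobs:
  dependabot:
    # smoelius: Note that `github.event.pull_request.user.login` is the user that opened the pull
    # request, which may be different from the user that triggered the action.
    if: ${{ github.actor == 'dependabot[bot]' }}
    runs-on: ubuntu-latest
    # Least privilege for the automatic GITHUB_TOKEN: checkout only needs to read the repository.
    # Labeling below uses the separate `DEPENDABOT_REPO_TOKEN`, not GITHUB_TOKEN.
    permissions:
      contents: read
    steps:
      # NOTE(review): `@v4` is a mutable tag; consider pinning the action to a full commit SHA.
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          # Full history, so the base commit is available to `git diff` and `HEAD~1` exists.
          fetch-depth: 0
      - name: Check updated files
        # smoelius: Dependabot should update only manifest and/or lockfiles. Hard error otherwise.
        #
        # First command: fail if the pull request changes no files at all (`grep .` exits non-zero
        # on empty input).
        # Second command: `grep -v` prints every changed path that is NOT a workflow file or a
        # `Cargo.lock`/`Cargo.toml`; `!` turns "found such a path" into failure. It must stay the
        # last command of the script: bash's `-e` does not abort on a `!`-inverted pipeline, so the
        # step fails only because this is the script's final exit status.
        run: |
          git diff --name-only "$BASE_SHA" | grep .
          ! git diff --name-only "$BASE_SHA" | grep -v '^\.github/workflows/\|\(^\|/\)Cargo\.\(lock\|toml\)$'
        env:
          # Event data reaches the script through the environment instead of `${{ }}` expansion
          # inside `run:`, so it is never parsed as shell source.
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
      - name: Add `requires release` label
        # Parses "Bump <package> from <old> to <new>" out of the pull request title, rewinds to the
        # parent commit (assumes the pull request is a single commit -- TODO confirm), and retries
        # the bump as a lockfile-only `cargo update`. If that fails, the pull request is labeled
        # `requires release`.
        #
        # The title is text the workflow does not control. It is read from `$PR_TITLE` rather than
        # templated into the script, so quotes or `$(...)` in a title cannot alter the commands.
        run: |
          PACKAGE="$(expr "$PR_TITLE" : '^Bump \([^ ]*\) from [^ ]* to [^ ]*$')"
          OLD_VERSION="$(expr "$PR_TITLE" : '^Bump [^ ]* from \([^ ]*\) to [^ ]*$')"
          NEW_VERSION="$(expr "$PR_TITLE" : '^Bump [^ ]* from [^ ]* to \([^ ]*\)$')"
          test -n "$PACKAGE"
          test -n "$OLD_VERSION"
          test -n "$NEW_VERSION"
          git reset --hard HEAD~1
          if ! cargo update "$PACKAGE@$OLD_VERSION" --precise "$NEW_VERSION"; then
            gh pr edit "$PR_NUMBER" --add-label 'requires release'
          fi
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          # smoelius: The `DEPENDABOT_REPO_TOKEN` requires SSO authorization and the following
          # scopes: `public_repo`, `read:org`, and `read:discussion`.
          #
          # NOTE(review): the token is in the environment of every command in this step, including
          # `cargo update`. Moving `gh pr edit` into its own step would expose it to `gh` only.
          # Runs triggered by Dependabot read secrets from the repository's Dependabot secrets, not
          # its Actions secrets.
          GH_TOKEN: ${{ secrets.DEPENDABOT_REPO_TOKEN }}
          GH_REPO: ${{ github.repository }}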