From 0a1f51cc2b5b3f23387fcdfdab9ad7721b27eaec Mon Sep 17 00:00:00 2001
From: Vasiliy Tolstov <v.tolstov@unistack.org>
Date: Wed, 27 Oct 2021 23:00:40 +0300
Subject: [PATCH] update workflows

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
---
 .github/workflows/codeql-analysis.yml      | 21 +++---
 .github/workflows/dependabot-automerge.yml | 75 ++++++----------------
 go.mod                                     |  4 +-
 go.sum                                     |  6 ++
 4 files changed, 40 insertions(+), 66 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index fa4081e..b50aad2 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: "codeql"
 
 on:
   workflow_run:
@@ -17,16 +17,16 @@ on:
     types:
       - completed
   push:
-    branches: [ master ]
+    branches: [ master, v3 ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ master, v3 ]
   schedule:
     - cron: '34 1 * * 0'
 
 jobs:
   analyze:
-    name: Analyze
+    name: analyze
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -42,11 +42,14 @@ jobs:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
 
     steps:
-    - name: Checkout repository
+    - name: checkout
       uses: actions/checkout@v2
-
+    - name: setup
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.16
     # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
+    - name: init
       uses: github/codeql-action/init@v1
       with:
         languages: ${{ matrix.language }}
@@ -57,7 +60,7 @@ jobs:
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
+    - name: autobuild
       uses: github/codeql-action/autobuild@v1
 
     # ℹ️ Command-line programs to run using the OS shell.
@@ -71,5 +74,5 @@ jobs:
     #   make bootstrap
     #   make release
 
-    - name: Perform CodeQL Analysis
+    - name: analyze
       uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml
index dd6a62e..69e4c39 100644
--- a/.github/workflows/dependabot-automerge.yml
+++ b/.github/workflows/dependabot-automerge.yml
@@ -1,66 +1,31 @@
 name: "prautomerge"
 
 on:
-  workflow_run:
-    workflows: ["prbuild"]
-    types:
-      - completed
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened]
 
 permissions:
-  contents: write
   pull-requests: write
+  contents: write
 
 jobs:
-  Dependabot-Automerge:
+  dependabot:
     runs-on: ubuntu-latest
-    # Contains workaround to execute if dependabot updates the PR by checking for the base branch in the linked PR
-    # The the github.event.workflow_run.event value is 'push' and not 'pull_request'
-    # dont work with multiple workflows when last returns success
-    if: >-
-      github.event.workflow_run.conclusion == 'success'
-      && github.actor == 'dependabot[bot]'
-      && github.event.sender.login == 'dependabot[bot]'
-      && github.event.sender.type == 'Bot'
-      && (github.event.workflow_run.event == 'pull_request'
-          || (github.event.workflow_run.event == 'push' && github.event.workflow_run.pull_requests[0].base.ref == github.event.repository.default_branch ))
+    if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Approve Changes and Merge changes if label 'dependencies' is set
-        uses: actions/github-script@v5
+      - name: metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.1.1
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            console.log(context.payload.workflow_run);
-            
-            var labelNames = await github.paginate(
-              github.issues.listLabelsOnIssue,
-              {
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                issue_number: context.payload.workflow_run.pull_requests[0].number,
-              },
-              (response) => response.data.map(
-                (label) => label.name
-              )
-            );
-
-            console.log(labelNames);
-
-            if (labelNames.includes('dependencies')) {
-              console.log('Found label');
-
-              await github.pulls.createReview({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-                event: 'APPROVE'
-              });
-              console.log('Approved PR');
-
-              await github.pulls.merge({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-              });
-
-              console.log('Merged PR');
-            }
+          github-token: "${{ secrets.TOKEN }}"
+      - name: approve
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}
+      - name: merge
+        if: ${{contains(steps.metadata.outputs.dependency-names, 'go.unistack.org')}}
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}
diff --git a/go.mod b/go.mod
index 14bbb28..eef7dd0 100644
--- a/go.mod
+++ b/go.mod
@@ -3,10 +3,10 @@ module github.com/unistack-org/micro-broker-nats/v3
 go 1.16
 
 require (
-	github.com/nats-io/nats-server/v2 v2.5.0 // indirect
+	github.com/nats-io/nats-server/v2 v2.6.1 // indirect
 	github.com/nats-io/nats.go v1.12.3
 	github.com/unistack-org/micro/v3 v3.7.4
-	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 )
diff --git a/go.sum b/go.sum
index c701088..52d5e46 100644
--- a/go.sum
+++ b/go.sum
@@ -14,6 +14,7 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
 github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/klauspost/compress v1.13.4 h1:0zhec2I8zGnjWcKyLl6i3gPqKANCCn5e9xmviEEeX6s=
 github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
@@ -25,6 +26,8 @@ github.com/nats-io/jwt/v2 v2.0.3 h1:i/O6cmIsjpcQyWDYNcq2JyZ3/VTF8SJ4JWluI5OhpvI=
 github.com/nats-io/jwt/v2 v2.0.3/go.mod h1:VRP+deawSXyhNjXmxPCHskrR6Mq50BqpEI5SEcNiGlY=
 github.com/nats-io/nats-server/v2 v2.5.0 h1:wsnVaaXH9VRSg+A2MVg5Q727/CqxnmPLGFQ3YZYKTQg=
 github.com/nats-io/nats-server/v2 v2.5.0/go.mod h1:Kj86UtrXAL6LwYRA6H4RqzkHhK0Vcv2ZnKD5WbQ1t3g=
+github.com/nats-io/nats-server/v2 v2.6.1 h1:cJy+ia7/4EaJL+ZYDmIy2rD1mDWTfckhtPBU0GYo8xM=
+github.com/nats-io/nats-server/v2 v2.6.1/go.mod h1:Az91TbZiV7K4a6k/4v6YYdOKEoxCXj+iqhHVf/MlrKo=
 github.com/nats-io/nats.go v1.12.1/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w=
 github.com/nats-io/nats.go v1.12.3 h1:te0GLbRsjtejEkZKKiuk46tbfIn6FfCSv3WWSo1+51E=
 github.com/nats-io/nats.go v1.12.3/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w=
@@ -33,6 +36,7 @@ github.com/nats-io/nkeys v0.3.0 h1:cgM5tL53EvYRU+2YLXIK0G2mJtK12Ft9oeooSZMA2G8=
 github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV6A5y4=
 github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
+github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/silas/dag v0.0.0-20210121180416-41cf55125c34/go.mod h1:7RTUFBdIRC9nZ7/3RyRNH1bdqIShrDejd1YbLwgPS+I=
 github.com/unistack-org/micro-proto v0.0.9 h1:KrWLS4FUX7UAWNAilQf70uad6ZPf/0EudeddCXllRVc=
@@ -45,6 +49,8 @@ golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 h1:HWj/xjIHfjYU5nVXpTM0s39J9CbLn7Cc5a7IC5rwsMQ=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=