name: "Pull Request Auto Merge" on: workflow_run: workflows: ["prbuild", "CodeQL"] types: - completed permissions: contents: write pull-requests: write jobs: Dependabot-Automerge: runs-on: ubuntu-latest # Contains workaround to execute if dependabot updates the PR by checking for the base branch in the linked PR # The the github.event.workflow_run.event value is 'push' and not 'pull_request' if: >- github.event.workflow_run.conclusion == 'success' && github.actor == 'dependabot[bot]' && github.event.sender.login == 'dependabot[bot]' && github.event.sender.type == 'Bot' && (github.event.workflow_run.event == 'pull_request' || (github.event.workflow_run.event == 'push' && github.event.workflow_run.pull_requests[0].base.ref == github.event.repository.default_branch )) steps: - name: Approve Changes and Merge changes if label 'dependencies' is set uses: actions/github-script@v4.0.2 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | var labelNames = await github.paginate( github.issues.listLabelsOnIssue, { repo: context.repo.repo, owner: context.repo.owner, issue_number: context.payload.workflow_run.pull_requests[0].number, }, (response) => response.data.map( (label) => label.name ) ); console.log(labelNames); if (labelNames.includes('dependencies')) { console.log('Found label'); await github.pulls.createReview({ repo: context.repo.repo, owner: context.repo.owner, pull_number: context.payload.workflow_run.pull_requests[0].number, event: 'APPROVE' }); console.log('Approved PR'); await github.pulls.merge({ repo: context.repo.repo, owner: context.repo.owner, pull_number: context.payload.workflow_run.pull_requests[0].number, }); console.log('Merged PR'); }