From 3e391f0cda4811c0273caa503c30388caab85eaf Mon Sep 17 00:00:00 2001
From: Vasiliy Tolstov <v.tolstov@unistack.org>
Date: Wed, 27 Oct 2021 19:04:49 +0300
Subject: [PATCH] update workflows

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
---
 .github/workflows/codeql-analysis.yml      | 21 +++---
 .github/workflows/dependabot-automerge.yml | 75 ++++++----------------
 2 files changed, 32 insertions(+), 64 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index fa4081e..b50aad2 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: "codeql"
 
 on:
   workflow_run:
@@ -17,16 +17,16 @@ on:
     types:
       - completed
   push:
-    branches: [ master ]
+    branches: [ master, v3 ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ master, v3 ]
   schedule:
     - cron: '34 1 * * 0'
 
 jobs:
   analyze:
-    name: Analyze
+    name: analyze
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -42,11 +42,14 @@ jobs:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
 
     steps:
-    - name: Checkout repository
+    - name: checkout
       uses: actions/checkout@v2
-
+    - name: setup
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.16
     # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
+    - name: init
       uses: github/codeql-action/init@v1
       with:
         languages: ${{ matrix.language }}
@@ -57,7 +60,7 @@ jobs:
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
+    - name: autobuild
       uses: github/codeql-action/autobuild@v1
 
     # ℹ️ Command-line programs to run using the OS shell.
@@ -71,5 +74,5 @@ jobs:
     #   make bootstrap
     #   make release
 
-    - name: Perform CodeQL Analysis
+    - name: analyze
       uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml
index dd6a62e..69e4c39 100644
--- a/.github/workflows/dependabot-automerge.yml
+++ b/.github/workflows/dependabot-automerge.yml
@@ -1,66 +1,31 @@
 name: "prautomerge"
 
 on:
-  workflow_run:
-    workflows: ["prbuild"]
-    types:
-      - completed
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened]
 
 permissions:
-  contents: write
   pull-requests: write
+  contents: write
 
 jobs:
-  Dependabot-Automerge:
+  dependabot:
     runs-on: ubuntu-latest
-    # Contains workaround to execute if dependabot updates the PR by checking for the base branch in the linked PR
-    # The the github.event.workflow_run.event value is 'push' and not 'pull_request'
-    # dont work with multiple workflows when last returns success
-    if: >-
-      github.event.workflow_run.conclusion == 'success'
-      && github.actor == 'dependabot[bot]'
-      && github.event.sender.login == 'dependabot[bot]'
-      && github.event.sender.type == 'Bot'
-      && (github.event.workflow_run.event == 'pull_request'
-          || (github.event.workflow_run.event == 'push' && github.event.workflow_run.pull_requests[0].base.ref == github.event.repository.default_branch ))
+    if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Approve Changes and Merge changes if label 'dependencies' is set
-        uses: actions/github-script@v5
+      - name: metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.1.1
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            console.log(context.payload.workflow_run);
-            
-            var labelNames = await github.paginate(
-              github.issues.listLabelsOnIssue,
-              {
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                issue_number: context.payload.workflow_run.pull_requests[0].number,
-              },
-              (response) => response.data.map(
-                (label) => label.name
-              )
-            );
-
-            console.log(labelNames);
-
-            if (labelNames.includes('dependencies')) {
-              console.log('Found label');
-
-              await github.pulls.createReview({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-                event: 'APPROVE'
-              });
-              console.log('Approved PR');
-
-              await github.pulls.merge({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-              });
-
-              console.log('Merged PR');
-            }
+          github-token: "${{ secrets.TOKEN }}"
+      - name: approve
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}
+      - name: merge
+        if: ${{contains(steps.metadata.outputs.dependency-names, 'go.unistack.org')}}
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}