From 6769ab28114cfe7bec2503e06b5b073ff72b1fd1 Mon Sep 17 00:00:00 2001
From: Vasiliy Tolstov <v.tolstov@unistack.org>
Date: Tue, 22 Mar 2022 23:26:32 +0300
Subject: [PATCH] update workflows

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
---
 .github/workflows/autoapprove.yml          | 20 ++++++
 .github/workflows/automerge.yml            | 21 +++++++
 .github/workflows/build.yml                |  1 +
 .github/workflows/codeql-analysis.yml      | 21 ++++---
 .github/workflows/dependabot-automerge.yml | 73 +++++-----------------
 .github/workflows/pr.yml                   |  1 +
 6 files changed, 72 insertions(+), 65 deletions(-)
 create mode 100644 .github/workflows/autoapprove.yml
 create mode 100644 .github/workflows/automerge.yml

diff --git a/.github/workflows/autoapprove.yml b/.github/workflows/autoapprove.yml
new file mode 100644
index 0000000..ebe28c9
--- /dev/null
+++ b/.github/workflows/autoapprove.yml
@@ -0,0 +1,20 @@
+name: "autoapprove"
+
+on:
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened]
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  autoapprove:
+    runs-on: ubuntu-latest
+    steps:
+      - name: approve
+        uses: hmarr/auto-approve-action@v2
+        if: github.actor == 'vtolstov' || github.actor == 'dependabot[bot]'
+        id: approve
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml
new file mode 100644
index 0000000..5ff3f69
--- /dev/null
+++ b/.github/workflows/automerge.yml
@@ -0,0 +1,21 @@
+name: "automerge"
+
+on:
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened]
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  automerge:
+    runs-on: ubuntu-latest
+    if: github.actor == 'vtolstov'
+    steps:
+      - name: merge
+        id: merge
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 7b63405..ddc5253 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -3,6 +3,7 @@ on:
  push:
     branches:
     - master
+    - v3
 jobs:
   test:
     name: test
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 9a3f470..b3d478e 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: "codeql"
 
 on:
   workflow_run:
@@ -17,16 +17,16 @@ on:
     types:
       - completed
   push:
-    branches: [ master ]
+    branches: [ master, v3 ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ master, v3 ]
   schedule:
     - cron: '34 1 * * 0'
 
 jobs:
   analyze:
-    name: Analyze
+    name: analyze
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -42,11 +42,14 @@ jobs:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
 
     steps:
-    - name: Checkout repository
+    - name: checkout
       uses: actions/checkout@v3
-
+    - name: setup
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.17
     # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
+    - name: init
       uses: github/codeql-action/init@v1
       with:
         languages: ${{ matrix.language }}
@@ -57,7 +60,7 @@ jobs:
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
+    - name: autobuild
       uses: github/codeql-action/autobuild@v1
 
     # ℹ️ Command-line programs to run using the OS shell.
@@ -71,5 +74,5 @@ jobs:
     #   make bootstrap
     #   make release
 
-    - name: Perform CodeQL Analysis
+    - name: analyze
       uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml
index 69de7d8..3681028 100644
--- a/.github/workflows/dependabot-automerge.yml
+++ b/.github/workflows/dependabot-automerge.yml
@@ -1,66 +1,27 @@
-name: "prautomerge"
+name: "dependabot-automerge"
 
 on:
-  workflow_run:
-    workflows: ["prbuild"]
-    types:
-      - completed
+  pull_request_target:
+    types: [assigned, opened, synchronize, reopened]
 
 permissions:
-  contents: write
   pull-requests: write
+  contents: write
 
 jobs:
-  Dependabot-Automerge:
+  automerge:
     runs-on: ubuntu-latest
-    # Contains workaround to execute if dependabot updates the PR by checking for the base branch in the linked PR
-    # The the github.event.workflow_run.event value is 'push' and not 'pull_request'
-    # dont work with multiple workflows when last returns success
-    if: >-
-      github.event.workflow_run.conclusion == 'success'
-      && github.actor == 'dependabot[bot]'
-      && github.event.sender.login == 'dependabot[bot]'
-      && github.event.sender.type == 'Bot'
-      && (github.event.workflow_run.event == 'pull_request'
-          || (github.event.workflow_run.event == 'push' && github.event.workflow_run.pull_requests[0].base.ref == github.event.repository.default_branch ))
+    if: github.actor == 'dependabot[bot]'
     steps:
-      - name: Approve Changes and Merge changes if label 'dependencies' is set
-        uses: actions/github-script@v6
+      - name: metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.3.0
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            console.log(context.payload.workflow_run);
-            
-            var labelNames = await github.paginate(
-              github.issues.listLabelsOnIssue,
-              {
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                issue_number: context.payload.workflow_run.pull_requests[0].number,
-              },
-              (response) => response.data.map(
-                (label) => label.name
-              )
-            );
-
-            console.log(labelNames);
-
-            if (labelNames.includes('dependencies')) {
-              console.log('Found label');
-
-              await github.pulls.createReview({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-                event: 'APPROVE'
-              });
-              console.log('Approved PR');
-
-              await github.pulls.merge({
-                repo: context.repo.repo,
-                owner: context.repo.owner,
-                pull_number: context.payload.workflow_run.pull_requests[0].number,
-              });
-
-              console.log('Merged PR');
-            }
+          github-token: "${{ secrets.TOKEN }}"
+      - name: merge
+        id: merge
+        if: ${{contains(steps.metadata.outputs.dependency-names, 'go.unistack.org')}}
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.TOKEN}}
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 3682e71..b6a6345 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -3,6 +3,7 @@ on:
   pull_request:
     branches:
     - master
+    - v3
 jobs:
   test:
     name: test
-- 
2.45.2