Reusable GitHub workflows
See GitHub's "Reusing Workflows" documentation for more information on how to reduce duplication and reuse workflows between repositories.
This action will add one approval to a PR and will mark it to auto-merge for any PRs that have been opened by the Dependabot user.
This requires:
- Branch protection to be set on the
mainbranch with some level of CI - Repository enabled with auto-merge functionality
- Elevated permissions from the calling workflow
- Needs to pass
secrets: inheritto the job for theGITHUB_TOKEN
name: Dependabot PRs
on: pull_request_target
jobs:
dependabot-pr-review:
permissions:
pull-requests: write
contents: write
uses: brianespinosa/actions/.github/workflows/dependabot-pr-review.yml@main
secrets: inheritThis action will run lint with the fix flag and commit/push the changes for any PRs that have been opened by the Dependabot user. It is intended to be used with the above dependabot-pr-review action on NX repositories that use the @nx/dependency-checks lint rule for buildable/publishable packages.
This requires:
- Elevated permissions from the calling workflow
- Needs to pass
secrets: inheritto the job for theGITHUB_TOKEN
name: Dependabot PRs
on: pull_request_target
jobs:
dependabot-pr-review:
permissions:
pull-requests: write
contents: write
uses: brianespinosa/actions/.github/workflows/dependabot-pr-review.yml@main
secrets: inherit
dependabot-pr-nx-lint-fix:
needs: dependabot-pr-review
permissions:
pull-requests: write
contents: write
uses: brianespinosa/actions/.github/workflows/dependabot-pr-nx-lint-fix.yml@main
secrets: inherit