shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: fix cla and dependabot notifications jobs (#16343)

Browse Source
This commit is contained in:
M Atif Ali
2025-01-31 19:17:47 +05:00
committed by GitHub
parent 2ace044e0b
commit e37b7fc481
2 changed files with 99 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/contrib.yaml
+4 -80
View File
@@ -2,15 +2,14 @@ name: contrib
on:
issue_comment:
types: [created]
pull_request:
types: [created, edited]
pull_request_target:
types:
- opened
- closed
- synchronize
- labeled
- unlabeled
- opened
- reopened
- edited
# For jobs that don't run on draft PRs.
@@ -23,88 +22,13 @@ permissions:
concurrency: pr-${{ github.ref }}
jobs:
# Dependabot is annoying, but this makes it a bit less so.
dependabot-automerge:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder'
permissions:
pull-requests: write
contents: write
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 # v2.3.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve the PR
run: gh pr review --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Enable auto-merge for Dependabot PRs
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
dependabot-automerge-notify:
# Send a slack notification when a dependabot PR is merged.
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder' && github.event.pull_request.merged
steps:
- name: Send Slack notification
env:
PR_URL: ${{github.event.pull_request.html_url}}
PR_TITLE: ${{github.event.pull_request.title}}
PR_NUMBER: ${{github.event.pull_request.number}}
run: |
curl -X POST -H 'Content-type: application/json' \
--data '{
"username": "dependabot",
"icon_url": "https://avatars.githubusercontent.com/u/27347476",
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": ":pr-merged: Auto merged Dependabot PR #${{ env.PR_NUMBER }}",
"emoji": true
}
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "${{ env.PR_TITLE }}"
}
]
},
{
"type": "actions",
"elements": [
{
"type": "button",
"text": {
"type": "plain_text",
"text": "View PR"
},
"url": "${{ env.PR_URL }}"
}
]
}
]
}' ${{ secrets.DEPENDABOT_PRS_SLACK_WEBHOOK }}
cla:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: cla
if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request'
if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -123,7 +47,7 @@ jobs:
release-labels:
runs-on: ubuntu-latest
# Skip tagging for draft PRs.
if: ${{ github.event_name == 'pull_request' && !github.event.pull_request.draft }}
if: ${{ github.event_name == 'pull_request_target' && !github.event.pull_request.draft }}
steps:
- name: release-labels
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
.github/workflows/dependabot.yaml
+95
View File
@@ -0,0 +1,95 @@
name: dependabot
on:
pull_request:
types:
- opened
push:
branches:
- main
permissions:
contents: read
# Only run one instance per PR to ensure in-order execution.
concurrency: pr-${{ github.ref }}
jobs:
# Dependabot is annoying, but this makes it a bit less so.
dependabot-automerge:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.actor_id == 49699333 && github.repository == 'coder/coder'
permissions:
pull-requests: write
contents: write
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 # v2.3.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve the PR
run: |
echo "Approving $PR_URL"
gh pr review --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Enable auto-merge
run: |
echo "Enabling auto-merge for $PR_URL"
gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
dependabot-automerge-notify:
# Send a slack notification when a dependabot PR is merged.
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.actor == 'github-actions[bot]' && github.actor_id == 41898282 && github.repository == 'coder/coder'
steps:
- name: Send Slack notification
env:
PR_URL: ${{github.event.pull_request.html_url}}
PR_TITLE: ${{github.event.pull_request.title}}
PR_NUMBER: ${{github.event.pull_request.number}}
run: |
curl -X POST -H 'Content-type: application/json' \
--data '{
"username": "dependabot",
"icon_url": "https://avatars.githubusercontent.com/u/27347476",
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": ":pr-merged: Auto merged Dependabot PR #${{ env.PR_NUMBER }}",
"emoji": true
}
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "${{ env.PR_TITLE }}"
}
]
},
{
"type": "actions",
"elements": [
{
"type": "button",
"text": {
"type": "plain_text",
"text": "View PR"
},
"url": "${{ env.PR_URL }}"
}
]
}
]
}' ${{ secrets.DEPENDABOT_PRS_SLACK_WEBHOOK }}