From ea607a27964d493069d1af1de267b73086617482 Mon Sep 17 00:00:00 2001
From: Christian Zunker <christian@mondoo.com>
Date: Wed, 4 Sep 2024 13:39:16 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=A4=96=20Auto=20approve=20go=20dep=20PRs?=
 =?UTF-8?q?=20by=20dependabot?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

2nd try

We cannot use the examples from the docs because we trigger this workflow on 'push' and not on '
pull_request'.

Signed-off-by: Christian Zunker <christian@mondoo.com>
---
 .github/workflows/pr-test-lint.yml | 39 ++++++++++++------------------
 1 file changed, 15 insertions(+), 24 deletions(-)

diff --git a/.github/workflows/pr-test-lint.yml b/.github/workflows/pr-test-lint.yml
index c27c2285..68c44dce 100644
--- a/.github/workflows/pr-test-lint.yml
+++ b/.github/workflows/pr-test-lint.yml
@@ -88,39 +88,30 @@ jobs:
           name: test-results
           path: report.xml
 
-  debug:
-    runs-on: ubuntu-latest
-    needs: go-test
-    steps:
-      - name: Dump GitHub context
-        env:
-          GITHUB_CONTEXT: ${{ toJson(github) }}
-        run: echo "$GITHUB_CONTEXT"
-
   go-auto-approve:
     runs-on: ubuntu-latest
     needs: go-test
-    if: ${{ github.actor == 'dependabot[bot]' && needs.go-test.outputs.outcome == 'success' }}
+    # For now, we only auto approve and merge go dep PRs because we have tests for this in place.
+    # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#startswith
+    if: ${{ startsWith(github.ref, 'refs/heads/dependabot/go_modules') && github.actor == 'dependabot[bot]' && needs.go-test.outputs.outcome == 'success' }}
     permissions:
       contents: write
       pull-requests: write
     steps:
-      - name: Fetch PR infos
-        id: metadata
-        uses: dependabot/fetch-metadata@v2
+      # figure out the PR for this commit
+      - uses: cloudposse-github-actions/get-pr@v1.0.1
+        id: pr
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
-      - name: Debug metadata
-        run: echo "${{ steps.metadata.outputs }}"
-      # - name: Approve a PR
-      #   # For now, we only auto approve and merge go dep PRs because we have tests for this in place.
-      #   if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'go' }}
-      #   # Settings the comment will auto merge the PR after all tests passed
-      #   # https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands
-      #   run: gh pr review --comment "@dependabot squash and merge" --approve "$PR_URL"
-      #   env:
-      #     PR_URL: ${{github.event.pull_request.html_url}}
-      #     GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          filterOutClosed: true
+          filterOutDraft: true
+      - name: Approve a PR
+        # Settings the comment will auto merge the PR after all tests passed
+        # https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands
+        run: gh pr review --comment "@dependabot squash and merge" --approve "$PR_URL"
+        env:
+          PR_URL: ${{ steps.pr.outputs.url }}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
 
   event_file:
     name: "Store event file"