diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..02f7042 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,56 @@ +version: 2 + +updates: + - package-ecosystem: pip + open-pull-requests-limit: 5 + directory: / + registries: "*" + schedule: + interval: daily + time: "10:00" + timezone: America/Montreal + reviewers: + - potloc/data-engineering + assignees: + - potloc/data-engineering + labels: + - python + - dependencies + groups: # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups + minor-updates: + update-types: + - minor + patterns: + - "*" + major-updates: + update-types: + - major + patterns: + - "*" + rebase-strategy: auto + + - package-ecosystem: github-actions + open-pull-requests-limit: 5 + directory: / + schedule: + interval: daily + time: "10:00" + timezone: America/Montreal + reviewers: + - potloc/data-engineering + assignees: + - potloc/data-engineering + labels: + - github-actions + - dependencies + groups: + minor-updates: + update-types: + - minor + patterns: + - "*" + major-updates: + update-types: + - major + patterns: + - "*" \ No newline at end of file diff --git a/.github/workflows/dependabot_auto_merge.yml b/.github/workflows/dependabot_auto_merge.yml new file mode 100644 index 0000000..4c6a82f --- /dev/null +++ b/.github/workflows/dependabot_auto_merge.yml @@ -0,0 +1,57 @@ +name: Dependabot +on: + pull_request: + types: + - opened + - reopened + - synchronize + +permissions: + contents: write + pull-requests: write + repository-projects: read + +jobs: + dependabot: + name: Enable Auto-Merge and Approve + if: ${{ github.actor == 'dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'automerge') && !contains(github.head_ref, '/terraform/') }} + runs-on: ubuntu-latest + steps: + - name: Fetch Dependabot Metadata + id: metadata + uses: dependabot/fetch-metadata@v1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + + - name: GitHub Actions - Patch or Minor + if: ${{ contains(github.head_ref, '/github_actions/') && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch') }} + shell: bash --noprofile --norc -xeo pipefail {0} + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr review "$PR_URL" --approve + gh pr merge "$PR_URL" --auto --squash + gh pr edit "$PR_URL" --add-label 'automerge' + + - name: Development - Patch or Minor + if: ${{ !contains(github.head_ref, '/github_actions/') && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch') && steps.metadata.outputs.dependency-type == 'direct:development' }} + shell: bash --noprofile --norc -xeo pipefail {0} + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr review "$PR_URL" --approve + gh pr merge "$PR_URL" --auto --squash + gh pr edit "$PR_URL" --add-label 'automerge' + + - name: Production - Patch + if: ${{ !contains(github.head_ref, '/github_actions/') && steps.metadata.outputs.update-type == 'version-update:semver-patch' && steps.metadata.outputs.dependency-type == 'direct:production' }} + shell: bash --noprofile --norc -xeo pipefail {0} + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr review "$PR_URL" --approve + gh pr merge "$PR_URL" --auto --squash + gh pr edit "$PR_URL" --add-label 'automerge' \ No newline at end of file diff --git a/renovate.json5 b/renovate.json5 deleted file mode 100644 index 1bece2a..0000000 --- a/renovate.json5 +++ /dev/null @@ -1,8 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:base" - ], - "prCreation": "immediate", - "prHourlyLimit": 5 -}