From 830dded10ef4a407c80a766a4ec77a228cbdccda Mon Sep 17 00:00:00 2001
From: Nikolay Blagoev <nikolay.blagoev@gmail.com>
Date: Wed, 17 Mar 2021 16:51:22 +0200
Subject: [PATCH] Save the PR number during build and use it for the approval
 action if dependabot is making a PR

---
 .github/workflows/build-pr.yml      | 10 +++++
 .github/workflows/dependabot-pr.yml | 60 ++++++++++++++---------------
 2 files changed, 39 insertions(+), 31 deletions(-)

diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml
index 8ea280f0..92673fb4 100644
--- a/.github/workflows/build-pr.yml
+++ b/.github/workflows/build-pr.yml
@@ -23,3 +23,13 @@ jobs:
       env:
         CI: true
     - run: ./node_modules/.bin/codecov -f coverage/*.json
+    - name: Save PR number
+      if: ${{ github.actor == 'dependabot[bot]' }}
+      run: |
+        mkdir -p ./pr
+        echo ${{ github.event.number }} > ./pr/number
+    - uses: actions/upload-artifact@v2
+      if: ${{ github.actor == 'dependabot[bot]' }}
+      with:
+        name: pr
+        path: pr/
diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml
index 7ebc7442..039e873c 100644
--- a/.github/workflows/dependabot-pr.yml
+++ b/.github/workflows/dependabot-pr.yml
@@ -1,7 +1,7 @@
 name: dependabot-pr
 on:
   workflow_run:
-    workflows: ["build-pr", "lint-pr"]
+    workflows: ["build-pr"]
     types:
       - completed
 jobs:
@@ -13,41 +13,39 @@ jobs:
           github.event.workflow_run.conclusion == 'success' &&
           github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Approve
-        uses: actions/github-script@v2
+      - name: 'Download artifact'
+        uses: actions/github-script@v3
+        with:
+          script: |
+            var artifacts = await github.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: ${{github.event.workflow_run.id }},
+            });
+            var matchArtifact = artifacts.data.artifacts.filter(artifact => artifact.name == "pr")[0];
+            var download = await github.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+
+            var fs = require('fs');
+            fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
+      - run: unzip pr.zip
+      - name: Approve PR
+        uses: actions/github-script@v3
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
-            const { pull_request: pr, repository: repo } = context.payload
+            var fs = require('fs');
+            var pr_number = Number(fs.readFileSync('./number'));
 
-            core.debug(`Creating APPROVE review for pull request #${pr.number}`)
+            core.debug(`Creating APPROVE review for pull request #${pr_number}`)
             await github.pulls.createReview({
-              owner: repo.owner.login,
-              repo: repo.name,
-              pull_number: pr.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: pr_number,
               event: "APPROVE"
             })
             core.debug(`Approved pull request #${pr.number}`)
-
-  # Handled by GitHub's auto-merge feature
-  #
-  # automerge:
-  #   name: Merge pull request
-  #   runs-on: ubuntu-latest
-  #   needs: autoapprove
-  #   if: github.base_ref == 'master' && github.actor == 'dependabot[bot]'
-  #   steps:
-  #     - name: Merge
-  #       uses: actions/github-script@v2
-  #       with:
-  #         github-token: ${{ secrets.GITHUB_TOKEN }}
-  #         script: |
-  #           const { pull_request: pr, repository: repo } = context.payload
-
-  #           core.debug(`Merging pull request #${pr.number}`)
-  #           await github.pulls.merge({
-  #             owner: repo.owner.login,
-  #             repo: repo.name,
-  #             pull_number: pr.number
-  #           })
-  #           core.debug(`Merged pull request #${pr.number}`)