41 lines (37 loc) · 1.39 KB
/
dependabot-update-lockfile.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# https://github.com/dependabot/dependabot-core/issues/1736
name: Dependabot - Update Lockfile
on: pull_request_target
permissions: read-all
jobs:
update-lockfile:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
permissions:
pull-requests: write
contents: write
steps:
- uses: pnpm/action-setup@v2.2.4
with:
version: ^7
- uses: tibdex/github-app-token@021a2405c7f990db57f5eae5397423dcc554159c # v1.5 # cspell:ignore tibdex
id: generate-token
with:
app_id: ${{ secrets.AUTOMATION_APP_ID }}
private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ steps.generate-token.outputs.token }}
- run: pnpm i --lockfile-only
- name: Has changes
run: |
git --no-pager diff --compact-summary --exit-code && echo "git_status=clean" >> $GITHUB_ENV || echo "git_status=dirty" >> $GITHUB_ENV
git --no-pager diff --compact-summary
- name: Push Changes to PR
if: env.git_status == 'dirty'
run: |
git config --global user.name github-actions[bot]
git config --global user.email github-actions[bot]@users.noreply.github.com
git add pnpm-lock.yaml
git commit -m "Update pnpm-lock.yaml"
git push