Implement dependabot automerge #74
Labels
github_actions
Pull requests that update GitHub Actions code
Hacktoberfest
infrastructure
Related to changes in the infrastructure, the CI, etc.
Comments
dalonsoa
added
infrastructure
|
@dalonsoa is this a simple lift and shift from the example workflow file or are we expecting any gremlins? |
|
It should be a simple lifts and shift, but you never know where gremlins lure... :) |
|
Great - and how would you like to manage contributions? Update the infrastructure branch and push to that? May need permissions |
|
Nope, you create a separate branch just for this stuff and then open a PR against develop. |
|
You probably need to fork the repo to your own account. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Dependabot is a tool that automatically upgrade dependencies when there's a new version. It works for, the software dependencies, but also the version of the GitHub action workflows and pre-commit.
At the moment, it just opens PR with the new versions, but if no-one keeps an eye on them, they are never merged.
Things should be arranged such that the PR related to dependabot (and pre-commit) are automatically merged if all checks pass. This is done via a workflow file, such as https://github.com/ImperialCollegeLondon/paricia/blob/main/.github/workflows/auto-merge.yml
The text was updated successfully, but these errors were encountered: