ホーム エクスプローラ ヘルプ
登録 サインイン
github
/
spring-security
同期ミラー https://github.com/spring-projects/spring-security
2
0
フォーク 0
ファイル 課題 0 Wiki
ツリー: 547d174f3e
ブランチ タグ
spring-security
/
.github
/
workflows
/
merge-dependabot-pr.yml

merge-dependabot-pr.yml 2.2 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. name: Merge Dependabot PR
    2. 

  2. 

  3. on: pull_request_target
    4. 

  4. 

  5. run-name: Merge Dependabot PR ${{ github.ref_name }}
    6. 

  6. 

  7. permissions: write-all
    8. 

  8. 

  9. jobs:
    10. 

  10.   merge-dependabot-pr:
    11. 

  11.     name: Merge Dependabot PR
    12. 

  12.     runs-on: ubuntu-latest
    13. 

  13.     if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'spring-projects/spring-security' }}
    14. 

  14.     steps:
    15. 

  15. 

  16.       - uses: actions/checkout@v4
    17. 

  17.         with:
    18. 

  18.           show-progress: false
    19. 

  19.           ref: ${{ github.event.pull_request.head.sha }}
    20. 

  20. 

  21.       - uses: actions/setup-java@v4
    22. 

  22.         with:
    23. 

  23.           distribution: temurin
    24. 

  24.           java-version: 17
    25. 

  25. 

  26.       - name: Set Milestone to Dependabot Pull Request
    27. 

  27.         id: set-milestone
    28. 

  28.         run: |
    29. 

  29.           if test -f pom.xml
    30. 

  30.           then
    31. 

  31.             CURRENT_VERSION=$(mvn help:evaluate -Dexpression="project.version" -q -DforceStdout)
    32. 

  32.           else
    33. 

  33.             CURRENT_VERSION=$(cat gradle.properties | sed -n '/^version=/ { s/^version=//;p }')
    34. 

  34.           fi
    35. 

  35.           export CANDIDATE_VERSION=${CURRENT_VERSION/-SNAPSHOT}
    36. 

  36.           MILESTONE=$(gh api repos/$GITHUB_REPOSITORY/milestones --jq 'map(select(.due_on != null and (.title | startswith(env.CANDIDATE_VERSION)))) | .[0] | .title')
    37. 

  37.           
    38. 

  38.           if [ -z $MILESTONE ]
    39. 

  39.           then
    40. 

  40.             gh run cancel ${{ github.run_id }}
    41. 

  41.             echo "::warning title=Cannot merge::No scheduled milestone for $CURRENT_VERSION version"
    42. 

  42.           else
    43. 

  43.             gh pr edit ${{ github.event.pull_request.number }} --milestone $MILESTONE
    44. 

  44.             echo mergeEnabled=true >> $GITHUB_OUTPUT
    45. 

  45.           fi
    46. 

  46.         env:
    47. 

  47.           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    48. 

  48. 

  49.       - name: Merge Dependabot pull request
    50. 

  50.         if: steps.set-milestone.outputs.mergeEnabled
    51. 

  51.         run: gh pr merge ${{ github.event.pull_request.number }} --auto --rebase
    52. 

  52.         env:
    53. 

  53.           GH_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
    54. 

  54.   send-notification:
    55. 

  55.     name: Send Notification
    56. 

  56.     needs: [ merge-dependabot-pr ]
    57. 

  57.     if: ${{ failure() || cancelled() }}
    58. 

  58.     runs-on: ubuntu-latest
    59. 

  59.     steps:
    60. 

  60.       - name: Send Notification
    61. 

  61.         uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1
    62. 

  62.         with:
    63. 

  63.           webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }}
    64.