From 423f17619fa1a2a8b259cf0f697214ba68b0dbe3 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 22 Jan 2025 18:47:28 +0000 Subject: [PATCH 1/4] chore: notify on auto merged dependabot PRs --- .github/workflows/contrib.yaml | 55 ++++++++++++++++++++++++++++++---- 1 file changed, 49 insertions(+), 6 deletions(-) diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml index b665e2c6f25c1..e209998d0dcd0 100644 --- a/.github/workflows/contrib.yaml +++ b/.github/workflows/contrib.yaml @@ -24,24 +24,24 @@ concurrency: pr-${{ github.ref }} jobs: # Dependabot is annoying, but this makes it a bit less so. - dependabot: + dependabot-automerge: runs-on: ubuntu-latest - if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder' + if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder' permissions: pull-requests: write - steps: + steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d # v2.2.0 + uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - + - name: Approve the PR run: gh pr review --approve "$PR_URL" env: PR_URL: ${{github.event.pull_request.html_url}} GH_TOKEN: ${{secrets.GITHUB_TOKEN}} - + - name: Enable auto-merge for Dependabot PRs if: steps.metadata.outputs.update-type == 'version-update:semver-patch' run: gh pr merge --auto --merge "$PR_URL" @@ -49,6 +49,49 @@ jobs: PR_URL: ${{github.event.pull_request.html_url}} GH_TOKEN: ${{secrets.GITHUB_TOKEN}} + dependabot-automerge-notify: + # Send a slack notification when a dependabot PR is merged. + runs-on: ubuntu-latest + if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder' && github.event.pull_request.merged + steps: + - name: Send Slack notification + run: | + curl -X POST -H 'Content-type: application/json' \ + --data '{ + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": ":pr-merged: Dependabot PR auto merged", + "emoji": true + } + }, + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "${{ github.event.pull_request.title }}" + } + ] + }, + { + "type": "actions", + "elements": [ + { + "type": "button", + "text": { + "type": "plain_text", + "text": "View PR" + }, + "url": "${{ github.event.pull_request.html_url }}" + } + ] + } + ] + }' ${{ secrets.DEPENDABOT_PRS_SLACK_WEBHOOK }} + cla: runs-on: ubuntu-latest permissions: From 7a8aae0a02c29994a699a45cf91559ae26ddd91a Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 22 Jan 2025 19:00:20 +0000 Subject: [PATCH 2/4] add PR number to title --- .github/workflows/contrib.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml index e209998d0dcd0..2136958485f60 100644 --- a/.github/workflows/contrib.yaml +++ b/.github/workflows/contrib.yaml @@ -63,7 +63,7 @@ jobs: "type": "header", "text": { "type": "plain_text", - "text": ":pr-merged: Dependabot PR auto merged", + "text": ":pr-merged: Auto merged Dependabot PR #${{ github.event.pull_request.number }}", "emoji": true } }, From 875df5b95311ab1e7623cb5f08283a278210c76d Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 22 Jan 2025 19:03:00 +0000 Subject: [PATCH 3/4] move github contexts to env --- .github/workflows/contrib.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml index 2136958485f60..3af7df7d56297 100644 --- a/.github/workflows/contrib.yaml +++ b/.github/workflows/contrib.yaml @@ -55,6 +55,10 @@ jobs: if: github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'coder/coder' && github.event.pull_request.merged steps: - name: Send Slack notification + env: + PR_URL: ${{github.event.pull_request.html_url}} + PR_TITLE: ${{github.event.pull_request.title}} + PR_NUMBER: ${{github.event.pull_request.number}} run: | curl -X POST -H 'Content-type: application/json' \ --data '{ @@ -63,7 +67,7 @@ jobs: "type": "header", "text": { "type": "plain_text", - "text": ":pr-merged: Auto merged Dependabot PR #${{ github.event.pull_request.number }}", + "text": ":pr-merged: Auto merged Dependabot PR #${{ env.PR_NUMBER }}", "emoji": true } }, @@ -72,7 +76,7 @@ jobs: "fields": [ { "type": "mrkdwn", - "text": "${{ github.event.pull_request.title }}" + "text": "${{ env.PR_TITLE }}" } ] }, @@ -85,7 +89,7 @@ jobs: "type": "plain_text", "text": "View PR" }, - "url": "${{ github.event.pull_request.html_url }}" + "url": "${{ env.PR_URL }}" } ] } From 40eee9904b6f89f0bc010287933ccedc3dcd5534 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 23 Jan 2025 10:10:32 +0000 Subject: [PATCH 4/4] chore: add username and icon_url for dependabot notifications in workflow --- .github/workflows/contrib.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml index 3af7df7d56297..6b1c4a39a3a23 100644 --- a/.github/workflows/contrib.yaml +++ b/.github/workflows/contrib.yaml @@ -62,6 +62,8 @@ jobs: run: | curl -X POST -H 'Content-type: application/json' \ --data '{ + "username": "dependabot", + "icon_url": "https://avatars.githubusercontent.com/u/27347476", "blocks": [ { "type": "header",