Actions: Config dependabot on PRs #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow opens issues for pull requests opened by dependabot. | |
| # See for more info: https://github.com/actions/dependency-review-action | |
| name: Create Dependabot Issues # from pull requests | |
| on: | |
| pull_request: | |
| types: [opened] | |
| branches: [main] | |
| jobs: | |
| create-issue: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} | |
| steps: | |
| - name: Create issue | |
| uses: actions-cool/issues-helper@v3 | |
| with: | |
| actions: 'create-issue' | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| title: ${{ github.event.pull_request.title }} | |
| body: | | |
| ### Dependabot opened a pull request to update a dependency. Please review it: ${{ github.event.pull_request.html_url }} | |
| - [ ] Comment on this issue tagging Chayn staff (@kyleecodes) to be assigned as a reviewer on the PR. | |
| - [ ] Review the pull request. See GitHub Docs below for guidance. Check the files changed, dependency review, and workflow test runs. | |
| - [ ] Verify tests and happy paths are functional by cloning the dependabot branch and running locally. | |
| - [ ] If pull request does not pass tests, suggest changes or write comments in the review. | |
| - [ ] When tests pass, approve changes to complete the review, then notify us in issue discussions so we can get this merged. | |
| ### Resources | |
| GitHub Docs - Reviewing Pull Requests with Dependency Updates: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request | |
| labels: 'dependencies' |