copier-python-package-template/.github/workflows/dependabot-post-update.yaml at 73af412f1a4271c729fe8d1dc8f4e912ac676ff8 · LabAutomationAndScreening/copier-python-package-template · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
name: Dependabot Post-Update
permissions:
  contents: write        # grant write access so we can push commits
on:
  pull_request:
    types: [opened, synchronize]
    branches:
      - main

jobs:
  post-update:
    if: ${{ github.actor == 'dependabot[bot]' }}
    runs-on: ubuntu-24.04

    steps:
      - name: Checkout code
        uses: actions/checkout@v4.2.2
        with:
          persist-credentials: true   # (default) makes GITHUB_TOKEN available for git push
          fetch-depth: 1 # Fetch tip commit so we can push back
          ref: ${{ github.event.pull_request.head.ref }} # Check out the head ref of the PR instead of detached HEAD

      - name: Configure Git author
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"

      - name: Update devcontainer hash
        run: python3 .github/workflows/hash_git_files.py . --for-devcontainer-config-update --exit-zero

      - name: Commit & push changes
        run: |
          # only commit if there are changes
          if ! git diff --quiet; then
            git add .
            git commit -m "chore: apply post-Dependabot script changes"
            git push origin HEAD:${{ github.event.pull_request.head.ref }}
          else
            echo "No changes to commit"
          fi