Try manually setting status

.copier-answers.yml

@@ -1,5 +1,5 @@
 # Changes here will be overwritten by Copier
-_commit: v0.0.41-18-gec81ebb
+_commit: v0.0.41-21-g8ca6c25
 _src_path: gh:LabAutomationAndScreening/copier-base-template.git
 description: Copier template for creating Python libraries and executables
 python_ci_versions:

.github/actions/update-devcontainer-hash/action.yml

@@ -8,6 +8,13 @@ inputs:
 permissions:
   contents: write
 
+outputs:
+  new-sha:
+    description: 'The SHA of the branch tip after update'
+    value: ${{ steps.commit-and-push.outputs.new-sha }}
+  commit-created:
+    description: 'Whether a new commit was created and pushed'
+    value: ${{ steps.commit-and-push.outputs.commit-created }}
 
 runs:
   using: composite
@@ -38,12 +45,16 @@ runs:
       shell: bash
 
     - name: Commit & push changes
+      id: commit-and-push
       run: |
         if ! git diff --quiet; then
           git add .
           git commit -m "chore: update devcontainer hash [dependabot skip]"
           git push origin HEAD:${{ inputs.branch }}
+          echo "commit-created=true" >> $GITHUB_OUTPUT
+          echo "new-sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
         else
           echo "No changes to commit"
+          echo "commit-created=false" >> $GITHUB_OUTPUT
         fi
       shell: bash

.github/workflows/ci.yaml

@@ -13,16 +13,21 @@ env:
 permissions:
     id-token: write
     contents: write # needed for mutex
+    statuses: write # needed for updating status on Dependabot PRs
 
 jobs:
   get-values:
     runs-on: ubuntu-24.04
+    outputs:
+      new-dependabot-sha: ${{ steps.update-hash.outputs.new-sha }}
+      dependabot-commit-created: ${{ steps.update-hash.outputs.commit-created }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4.2.2
 
       - name: Update Devcontainer Hash
         if: ${{ github.actor == 'dependabot[bot]' }}
+        id: update-hash
         uses: ./.github/actions/update-devcontainer-hash
         with:
           branch: ${{ github.ref_name }}
@@ -170,10 +175,21 @@ jobs:
 
   required-check:
     runs-on: ubuntu-24.04
-    needs: [ lint-matrix ]
+    needs: [ lint-matrix, get-values ]
     if: always()
     steps:
       - name: fail if prior job failure
         if: needs.lint-matrix.result != 'success'
         run: |
           exit 1
+      - name: Make updated dependabot hash commit as succeeded
+        if: needs.get-values.outputs.dependabot-commit-created == 'true'
+        run: |
+          gh api \
+            -X POST \
+            -H "Accept: application/vnd.github.v3+json" \
+            "/repos/${{ github.repository }}/statuses/${{ needs.get-values.outputs.new-dependabot-sha }}" \
+            -f state=success \
+            -f context="required-check" \
+            -f description="Initial CI run passed" \
+            -f target_url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"

template/.github/actions/update-devcontainer-hash/action.yml

@@ -8,6 +8,13 @@ inputs:
 permissions:
   contents: write
 
+outputs:
+  new-sha:
+    description: 'The SHA of the branch tip after update'
+    value: ${{ steps.commit-and-push.outputs.new-sha }}
+  commit-created:
+    description: 'Whether a new commit was created and pushed'
+    value: ${{ steps.commit-and-push.outputs.commit-created }}
 
 runs:
   using: composite
@@ -38,12 +45,16 @@ runs:
       shell: bash
 
     - name: Commit & push changes
+      id: commit-and-push
       run: |
         if ! git diff --quiet; then
           git add .
           git commit -m "chore: update devcontainer hash [dependabot skip]"
           git push origin HEAD:${{ inputs.branch }}
+          echo "commit-created=true" >> $GITHUB_OUTPUT
+          echo "new-sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
         else
           echo "No changes to commit"
+          echo "commit-created=false" >> $GITHUB_OUTPUT
         fi
       shell: bash