Skip to content

Commit 82a414b

Browse files
dannysteenmandannysteenman
committed
chore: add Dependabot and auto-approve workflows for dependency management
1 parent fb45818 commit 82a414b

File tree

6 files changed

+108
-1
lines changed

6 files changed

+108
-1
lines changed

.gitattributes

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/dependabot.yml

Lines changed: 22 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/workflows/auto-approve.yml

Lines changed: 28 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.gitignore

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.projen/files.json

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.projenrc.py

Lines changed: 52 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
11
import os
22

3-
from projen import github
3+
from projen import github, YamlFile
44
from projen.awscdk import AwsCdkPythonApp
5+
from projen.github import AutoApprove
56

67
from src.bin.cicd_helper import github_cicd
78
from src.bin.env_helper import cdk_action_task
@@ -59,6 +60,56 @@
5960
}
6061

6162
gh = github.GitHub(project)
63+
64+
# Add Dependabot configuration for pip
65+
YamlFile(
66+
project,
67+
".github/dependabot.yml",
68+
obj={
69+
"version": 2,
70+
"updates": [
71+
{
72+
"package-ecosystem": "pip",
73+
"directory": "/",
74+
"schedule": {"interval": "weekly"},
75+
"ignore": [
76+
{"dependency-name": "aws-cdk-lib"},
77+
{"dependency-name": "aws-cdk"},
78+
{"dependency-name": "projen"},
79+
],
80+
"labels": ["dependencies", "auto-approve"],
81+
"groups": {
82+
"default": {
83+
"patterns": ["*"],
84+
"exclude-patterns": ["aws-cdk*", "projen"],
85+
}
86+
},
87+
}
88+
],
89+
},
90+
)
91+
92+
# Add auto-approve configuration
93+
AutoApprove(gh, allowed_usernames=["dependabot", "dependabot[bot]"])
94+
95+
# Add auto-merge step to the auto-approve workflow
96+
auto_approve_workflow = project.try_find_object_file(".github/workflows/auto-approve.yml")
97+
if auto_approve_workflow:
98+
auto_approve_workflow.add_override("jobs.approve.permissions.contents", "write")
99+
# Add checkout step before the merge step
100+
auto_approve_workflow.add_override(
101+
"jobs.approve.steps.1",
102+
{"name": "Checkout", "uses": "actions/checkout@v5"},
103+
)
104+
auto_approve_workflow.add_override(
105+
"jobs.approve.steps.2",
106+
{
107+
"name": "Enable Pull Request Automerge",
108+
"run": 'gh pr merge --merge --auto "${{ github.event.pull_request.number }}"',
109+
"env": {"GH_TOKEN": "${{ secrets.PROJEN_GITHUB_TOKEN }}"},
110+
},
111+
)
112+
62113
# Loop through each environment in target_accounts
63114
for env, account in target_accounts.items():
64115
if account: # Check if account is not None

0 commit comments

Comments
 (0)