diff --git a/.github/workflows/dependabot-prs-manager.yaml b/.github/workflows/dependabot-prs-manager.yaml index e7f1147949..310baa714c 100644 --- a/.github/workflows/dependabot-prs-manager.yaml +++ b/.github/workflows/dependabot-prs-manager.yaml @@ -10,7 +10,7 @@ jobs: list-prs: runs-on: ubuntu-latest env: - GH_TOKEN: ${{ secrets.NIGHTLY_GH_PAT }} + GITHUB_TOKEN: ${{ secrets.NIGHTLY_GH_PAT }} outputs: prs: ${{ steps.dependabot-prs.outputs.prs }} steps: @@ -34,31 +34,27 @@ jobs: matrix: pr: ${{ fromJson(needs.list-prs.outputs.prs) }} env: - GH_TOKEN: ${{ secrets.NIGHTLY_GH_PAT }} + GITHUB_TOKEN: ${{ secrets.NIGHTLY_GH_PAT }} steps: - name: Checkout uses: actions/checkout@v4 - - name: Merge PR + - name: Process PR run: | - set +e - - gh pr checks ${{ matrix.pr.number }} --required + set -euo pipefail - EXIT_CODE=$? - if [ $EXIT_CODE -eq 0 ]; then - echo "All required checks passed. Approving and merging." + if gh pr checks ${{ matrix.pr.number }} --required; then + echo "\n\nAll required checks passed. Approving and merging." gh pr review ${{ matrix.pr.number }} --approve --comment "LGTM :thumbsup:" gh pr merge ${{ matrix.pr.number }} --auto --squash --delete-branch exit 0 fi - echo "Some required checks failed. Ensuring required labels and re-running failed tests." - - # Ensure required labels + echo "\n\nSome required checks failed." + echo "Ensuring required labels..." gh pr edit ${{ matrix.pr.number }} --add-label "type::security" - # Re-run failed tests + echo "Re-running failed tests..." branch=$(gh pr view ${{ matrix.pr.number }} --json headRefName -q '.headRefName') run_id=$(gh run list --branch $branch --workflow build-test --limit 1 --json databaseId -q '.[0].databaseId') gh run rerun $run_id --failed