Add Dependabot auto-manage workflow

ad · web-flow · commit 532f26fbad47 · 2025-09-09T07:30:04.000+03:00
diff --git a/.github/workflows/Dependabot-auto-manage.yml b/.github/workflows/Dependabot-auto-manage.yml
@@ -0,0 +1,66 @@
+
+name: Dependabot Auto Manage
+on: 
+  pull_request:
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: 'PR number to process'
+        required: true
+        type: number
+      dependency_type:
+        description: 'Dependency type to process'
+        required: false
+        default: 'direct:production'
+        type: choice
+        options:
+          - 'direct:production'
+          - 'direct:development'
+          - 'all'
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: |
+      (github.event_name == 'pull_request' && (github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'app/dependabot')) ||
+      (github.event_name == 'workflow_dispatch')
+    steps:
+      - name: Checkout (for manual dispatch)
+        if: github.event_name == 'workflow_dispatch'
+        uses: actions/checkout@v4
+        
+      - name: Check PR author (for manual dispatch)
+        if: github.event_name == 'workflow_dispatch'
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          PR_AUTHOR=$(gh pr view ${{ github.event.inputs.pr_number }} --repo "${{ github.repository }}" --json author --jq '.author.login')
+          if [[ "$PR_AUTHOR" != "dependabot[bot]" && "$PR_AUTHOR" != "app/dependabot" ]]; then
+            echo "❌ PR #${{ github.event.inputs.pr_number }} is not from Dependabot (author: $PR_AUTHOR)"
+            exit 1
+          fi
+          echo "✅ PR #${{ github.event.inputs.pr_number }} is from Dependabot"
+          
+      - name: Simulate PR event for manual dispatch
+        if: github.event_name == 'workflow_dispatch'
+        id: pr_info
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          # Get PR details and set outputs
+          PR_DATA=$(gh pr view ${{ github.event.inputs.pr_number }} --repo "${{ github.repository }}" --json number,url,author)
+          echo "pr_number=$(echo $PR_DATA | jq -r '.number')" >> $GITHUB_OUTPUT
+          echo "pr_url=$(echo $PR_DATA | jq -r '.url')" >> $GITHUB_OUTPUT
+          
+      - uses: ad/dependabot-auto-approve@v1.3.2
+        with:
+          dependency-type: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.dependency_type || 'direct:production' }}
+          merge-method: 'squash'
+          add-label: ${{ github.event_name == 'workflow_dispatch' && 'manual-approval' || 'dependabot-approved' }}
+          pr-number: ${{ github.event_name == 'workflow_dispatch' && steps.pr_info.outputs.pr_number || '' }}
+          pr-url: ${{ github.event_name == 'workflow_dispatch' && steps.pr_info.outputs.pr_url || '' }}
+          github-token: ${{ secrets.PAT_TOKEN }}  
