-
-
Notifications
You must be signed in to change notification settings - Fork 0
39 lines (32 loc) · 1.2 KB
/
validate_auto-approve_dependabot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
name: 'Validate Auto-Approve Dependabot'
permissions:
pull-requests: read
# That bricked itself during the last major version upgrade of `actions/github-script` to `v5`. Whoops.
# This workflow here now makes sure the API is there at least.
on:
pull_request:
jobs:
validate-approve-dependabot:
runs-on: ubuntu-latest
steps:
- name: Validate API
uses: actions/github-script@v6
with:
# The default token is enough to comment, but Dependabot will only comply if you impersonate a user with write access.
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
if (github.rest.pulls.listReviews == false) {
throw "`listReviews` not found.";
}
if (github.rest.pulls.createReview == false) {
throw "`createReview` not found.";
}
// If the following works, the script is probably fine:
const pulls = await github.rest.pulls.list({
owner: context.payload.repository.owner.login,
repo: context.payload.repository.name,
});
for (pull of pulls.data) {
console.log(pull);
return;
}