-
Notifications
You must be signed in to change notification settings - Fork 18
42 lines (36 loc) · 1.52 KB
/
merge-dependabot.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
name: merge-dependabot
on:
pull_request_target:
paths-ignore:
- "**.adoc"
- "**.md"
- "**.txt"
permissions: read-all
jobs:
build:
if: github.repository == 'apache/logging-log4j-tools' && github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'
uses: apache/logging-parent/.github/workflows/build-reusable.yaml@main
merge-dependabot:
needs: build
uses: apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@main
permissions:
contents: write # to push changelog commits
pull-requests: write # to close the PR
secrets:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }} # to sign commits