Split the dependabot pr workflow into two separate ones

nblagoev · nblagoev · commit 7b1ce817a9ad · 2021-03-17T15:36:12.000+02:00
This accomodates the change that workflows triggered by dependabot are now using read-only token (https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/)
diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml
@@ -0,0 +1,25 @@
+name: build-pr
+on:
+  pull_request:
+    branches:
+      - master
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [10.x, 12.x]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - name: install and build
+      run: |
+        yarn install
+        yarn run coverage
+        yarn run build
+      env:
+        CI: true
+    - run: ./node_modules/.bin/codecov -f coverage/*.json
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -5,9 +5,6 @@ on:
       - '*'
     tags-ignore:
       - 'v*'
-  pull_request:
-    branches:
-      - master
 jobs:
   build:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/dependabot-pr.yml b/.github/workflows/dependabot-pr.yml
@@ -1,30 +1,10 @@
 name: dependabot-pr
 on:
-  pull_request:
-    branches:
-      - master
+  workflow_run:
+    workflows: ["build-pr", "lint-pr"]
+    types:
+      - completed
 jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    if: github.base_ref == 'master' && github.actor == 'dependabot[bot]'
-    strategy:
-      matrix:
-        node-version: [10.x, 12.x]
-    steps:
-    - uses: actions/checkout@v2
-    - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v1
-      with:
-        node-version: ${{ matrix.node-version }}
-    - name: install and build
-      run: |
-        yarn install
-        yarn run coverage
-        yarn run build
-      env:
-        CI: true
-
   autoapprove:
     name: Approve pull request
     runs-on: ubuntu-latest
@@ -47,23 +27,25 @@ jobs:
             })
             core.debug(`Approved pull request #${pr.number}`)
 
-  automerge:
-    name: Merge pull request
-    runs-on: ubuntu-latest
-    needs: autoapprove
-    if: github.base_ref == 'master' && github.actor == 'dependabot[bot]'
-    steps:
-      - name: Merge
-        uses: actions/github-script@v2
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { pull_request: pr, repository: repo } = context.payload
+  # Handled by GitHub's auto-merge feature
+  #
+  # automerge:
+  #   name: Merge pull request
+  #   runs-on: ubuntu-latest
+  #   needs: autoapprove
+  #   if: github.base_ref == 'master' && github.actor == 'dependabot[bot]'
+  #   steps:
+  #     - name: Merge
+  #       uses: actions/github-script@v2
+  #       with:
+  #         github-token: ${{ secrets.GITHUB_TOKEN }}
+  #         script: |
+  #           const { pull_request: pr, repository: repo } = context.payload
 
-            core.debug(`Merging pull request #${pr.number}`)
-            await github.pulls.merge({
-              owner: repo.owner.login,
-              repo: repo.name,
-              pull_number: pr.number
-            })
-            core.debug(`Merged pull request #${pr.number}`)
+  #           core.debug(`Merging pull request #${pr.number}`)
+  #           await github.pulls.merge({
+  #             owner: repo.owner.login,
+  #             repo: repo.name,
+  #             pull_number: pr.number
+  #           })
+  #           core.debug(`Merged pull request #${pr.number}`)
