feat(workflows): enhance Dependabot PR review process 3

Raouf25 · Raouf25 · commit 1ac0cc8824d3 · 2024-07-16T02:23:00.000+02:00
diff --git a/.github/workflows/dependabot-reviewer.yml b/.github/workflows/dependabot-reviewer.yml
@@ -7,47 +7,38 @@ permissions:
   contents: write
 
 jobs:
+
   review-dependabot-pr:
     runs-on: ubuntu-latest
+
+    # Trigger only if the PR is created by Dependabot
     if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
+
     env:
       PR_URL: ${{ github.event.pull_request.html_url }}
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     steps:
-      - name: Check out repository
-        uses: actions/checkout@v3
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-
+      # Fetch metadata from Dependabot
       - name: Dependabot metadata
         id: dependabot-metadata
         uses: dependabot/fetch-metadata@v2.1.0
 
-      - name: Fetch all branches
-        run: git fetch --all
-
-      - name: Attempt fast-forward merge
-        run: |
-          BASE_BRANCH="${{ github.event.pull_request.base.ref }}"
-          HEAD_BRANCH="${{ github.event.pull_request.head.ref }}"
-          git checkout $BASE_BRANCH
-          git merge --ff-only $HEAD_BRANCH || exit 0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
+      # Enable auto-merge for Dependabot PRs
       - name: Enable auto-merge for Dependabot PRs
-        if: ${{ github.event.pull_request.merged == false }}
         run: gh pr merge --auto --merge "$PR_URL"
 
+      # Approve patch and minor updates
       - name: Approve patch and minor updates
         if: ${{ steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor' }}
         run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because it includes a ${{ steps.dependabot-metadata.outputs.update-type }} update"
 
+      # Approve major updates of development dependencies
       - name: Approve major updates of development dependencies
         if: ${{ steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:development' }}
         run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a major update of a dependency used only in development**"
 
+      # Comment on major updates of production dependencies
       - name: Comment on major updates of non-development dependencies
         if: ${{ steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }}
         run: |
