# https://docs.github.com/de/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
name: Dependabot auto-merge
on:
  pull_request:
    paths:
    - pyproject.toml
    - poetry.lock
    - .pre-commit-config.yaml

permissions:
  contents: write
  pull-requests: write

jobs:
  dependabot:
    runs-on: ubuntu-latest
    if: ${{ ((github.actor == 'dependabot[bot]') || (github.actor == 'github-actions[bot]')) }}
    steps:
    - name: Dependabot metadata
      id: metadata
      uses: dependabot/fetch-metadata@v1
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }}
    - name: Enable auto-merge for Dependabot PRs
      run: gh pr merge --auto --merge "$PR_URL"
      env:
        PR_URL: ${{github.event.pull_request.html_url}}
        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}