chore(main): release 0.1.17 #207
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Auto Approve | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: auto-approve-${{ github.event.pull_request.number || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| auto-approve: | |
| name: Auto Approve | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| permissions: | |
| # contents: write is required for the gh pr merge --auto step (when using | |
| # the App token). Top-level is contents: read. This setup (with job-level | |
| # scoping and comments) helps the Token-Permissions Scorecard check. | |
| # See also the dedicated dependabot-auto-merge.yaml (pull_request_target) | |
| # which handles Dependabot exclusively. | |
| contents: write | |
| pull-requests: write | |
| if: > | |
| github.event.pull_request.user.login != 'github-actions[bot]' && | |
| github.event.pull_request.user.login != 'dependabot[bot]' && | |
| (github.actor == 'SebTardif' || | |
| github.actor == 'attune-release-bot[bot]') | |
| steps: | |
| - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 | |
| with: | |
| egress-policy: audit | |
| - name: Approve PR | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: gh pr review --approve "${{ github.event.pull_request.number }}" --repo "${{ github.repository }}" | |
| - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 | |
| if: >- | |
| github.event.pull_request.user.login != 'attune-release-bot[bot]' && | |
| !contains(github.event.pull_request.labels.*.name, 'autorelease: pending') | |
| id: app-token | |
| with: | |
| client-id: ${{ vars.APP_CLIENT_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| - name: Enable auto-merge | |
| if: >- | |
| github.event.pull_request.user.login != 'attune-release-bot[bot]' && | |
| !contains(github.event.pull_request.labels.*.name, 'autorelease: pending') | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| run: gh pr merge --auto --squash "${{ github.event.pull_request.number }}" --repo "${{ github.repository }}" |