update workflow config

dart4e · Apr 1, 2024 · 00deea2 · 00deea2
1 parent f46022a
commit 00deea2
Show file tree

Hide file tree

Showing 4 changed files with 114 additions and 36 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,4 +1,4 @@
-# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
 version: 2
 updates:
   - package-ecosystem: github-actions
@@ -8,12 +8,14 @@ updates:
       day: monday
       time: "10:00"
     commit-message:
-      prefix: fix
-      prefix-development: chore
+      prefix: ci
+      prefix-development: ci
       include: scope
     labels:
+      - pinned
       - dependencies
       - gha
+
   - package-ecosystem: maven
     directory: /
     schedule:
@@ -22,8 +24,9 @@ updates:
       time: "10:00"
     commit-message:
       prefix: fix
-      prefix-development: chore
+      prefix-development: build
       include: scope
     labels:
+      - pinned
       - dependencies
       - mvn
diff --git a/.github/stale.yml b/.github/stale.yml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -3,16 +3,17 @@ name: Build
 
 on:
   push:
-    branches-ignore: # build all branches except:
-    - 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
-    tags-ignore: # don't build tags
+    branches-ignore:  # build all branches except:
+    - 'dependabot/**'  # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
+    tags-ignore:  # don't build tags
     - '**'
     paths-ignore:
     - '**/*.adoc'
     - '**/*.md'
     - '.editorconfig'
     - '.git*'
     - '.github/*.yml'
+    - '.github/workflows/stale.yml'
   pull_request:
     paths-ignore:
     - '**/*.adoc'
@@ -30,6 +31,7 @@ on:
         required: false
         default: ''
 
+
 defaults:
   run:
     shell: bash
@@ -38,7 +40,10 @@ env:
   JAVA_VERSION: 17
 
 jobs:
+
+  ###########################################################
   build:
+  ###########################################################
     runs-on: windows-latest
 
     concurrency:
@@ -51,11 +56,11 @@ jobs:
 
 
     - name: Git Checkout
-      uses: actions/checkout@v4 # https://github.com/actions/checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
 
 
     - name: "Install: JDK ${{ env.JAVA_VERSION }}"
-      uses: actions/setup-java@v4 # https://github.com/actions/setup-java
+      uses: actions/setup-java@v4  # https://github.com/actions/setup-java
       with:
         distribution: temurin
         java-version: ${{ env.JAVA_VERSION }}
@@ -74,7 +79,7 @@ jobs:
 
 
     - name: "Install: Maven"
-      uses: stCarolas/setup-maven@v5 # https://github.com/stCarolas/setup-maven
+      uses: stCarolas/setup-maven@v5  # https://github.com/stCarolas/setup-maven
       with:
         maven-version: 3.9.6
 
@@ -216,3 +221,42 @@ jobs:
           !~/.m2/repository/.cache/tycho/https/raw.githubusercontent.com
           !~/.m2/repository/*SNAPSHOT*
         key: ${{ steps.cache-restore.outputs.cache-primary-key }}
+
+
+  ###########################################################
+  dependabot-pr-auto-merge:
+  ###########################################################
+    needs: build
+    if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
+    runs-on: ubuntu-latest
+
+    concurrency: dependabot-pr-auto-merge
+
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+    - name: Dependabot metadata
+      id: metadata
+      uses: dependabot/fetch-metadata@v2  # https://github.com/dependabot/fetch-metadata/
+      with:
+        github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+
+    - name: Enable auto-merge for Dependabot PRs
+      if: |
+        ${{
+          (
+            steps.dependabot-metadata.outputs.package-ecosystem == 'github-actions' && 
+            steps.metadata.outputs.update-type == 'version-update:semver-major'
+          ) || (
+            steps.dependabot-metadata.outputs.package-ecosystem == 'maven' && 
+            steps.metadata.outputs.update-type == 'version-update:semver-minor'
+          )
+        }}
+      run: |
+        gh pr merge --auto --rebase "$PR_URL"
+      env:
+        PR_URL: ${{github.event.pull_request.html_url}}
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -0,0 +1,57 @@
+# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+name: Stale issues
+
+on:
+  schedule:
+    - cron: '0 16 * * 1'
+  workflow_dispatch:
+    # https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/
+
+permissions:
+  contents: write # only for delete-branch option
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Git checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
+
+    - name: Run stale action
+      uses: actions/stale@v9  # https://github.com/actions/stale
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        days-before-stale: 90
+        days-before-close: 14
+        stale-issue-message: >
+          This issue has been automatically marked as stale because it has not had
+          recent activity. It will be closed in 14 days if no further activity occurs.
+          If the issue is still valid, please add a respective comment to prevent this 
+          issue from being closed automatically. Thank you for your contributions.
+        stale-issue-label: stale
+        close-issue-label: wontfix
+        exempt-issue-labels: |
+          enhancement
+          pinned
+          security
+
+    - name: Run stale action
+      uses: actions/stale@v9  # https://github.com/actions/stale
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        days-before-stale: 360
+        days-before-close: 14
+        stale-issue-message: >
+          This issue has been automatically marked as stale because it has not had
+          recent activity. It will be closed in 14 days if no further activity occurs.
+          If the issue is still valid, please add a respective comment to prevent this 
+          issue from being closed automatically. Thank you for your contributions.
+        stale-issue-label: stale
+        close-issue-label: wontfix
+        only-labels: enhancement
+        exempt-issue-labels: |
+          pinned
+          security