From a624fd3e738a3acbc1f3c131f302e7d0990bfedf Mon Sep 17 00:00:00 2001
From: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Date: Mon, 12 Aug 2024 23:22:21 -0300
Subject: [PATCH] ci: auto approve dependency prs

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
---
 .github/workflows/dependabot-automation.yml | 24 +++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/dependabot-automation.yml

diff --git a/.github/workflows/dependabot-automation.yml b/.github/workflows/dependabot-automation.yml
new file mode 100644
index 000000000..7e91bba97
--- /dev/null
+++ b/.github/workflows/dependabot-automation.yml
@@ -0,0 +1,24 @@
+# see https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
+
+name: dependabot
+
+on:
+  pull_request:
+
+permissions:
+  pull-requests: write
+
+jobs:
+  automation:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - id: metadata
+        uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}