Comments (5)
@bennycode - your action isn't actually using fetch-metadata
(it's ignoring the output) - so it's equivalent to:
name: Dependabot auto-merge
on: pull_request_target
permissions:
pull-requests: write
contents: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Enable auto-merge for Dependabot PRs
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
The error you're getting is being thrown by the github cli. I see you already posted about this cli/cli#3660 - if you got an answer on how we can update our example workflow to address this issue, please let me know.
from fetch-metadata.
@bennycode Did you resolve this issue? I am facing the same. In my repo, I have branch protection enabled with:
- Require approvals
- Require status checks to pass before merging
- Restrict who can push to matching branches
My latest attempt (ampproject/amp-wp#6975) is to wait to run gh pr merge --auto
until after all of the checks have passed but before I run gh pr review --approve
. Not sure yet if it works.
from fetch-metadata.
@bennycode Does using a personal access token solve the issue?
from fetch-metadata.
I added a personal access token but I am still seeing this error:
gh pr merge --auto --squash "$PR_URL"
shell: /usr/bin/bash -e {0}
env:
PR_URL: ***
GITHUB_TOKEN: ***
Message: Can't enable auto-merge for this pull request., Locations: [{Line:1 Column:72}]
Error: Process completed with exit code 1.
I got it working in my personal public repository (implementation, proof that it works) but it doesn't work in my org's private repository (that uses the same YML config and has a personal access token configured in GitHub Secrets). 😢
from fetch-metadata.
Phew! I just found the issue. I ran into the "Can't enable auto-merge for this pull request" problem because auto-merge wasn't activated in my repo. After activating the "Allow auto-merge" feature in my repository settings it worked:
This made the GitHub Actions bot do the following:
Here is my final config:
name: Dependabot auto-merge
on: [pull_request_target]
permissions:
pull-requests: write
contents: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
steps:
- name: Enable auto-merge on PR
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Approve PR
run: gh pr review --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
It actually works without "dependabot/fetch-metadata". I thought I needed "dependabot/fetch-metadata" because it was listed here. I also didn't knew that the secrets.GITHUB_TOKEN is something very special and not just a secret that you setup yourself in the "Action secrets" section of your repository settings.
Thanks to everyone who has helped!!
@brrygrdn: Can the "Can't enable auto-merge for this pull request" error message be improved in GitHub's cli to give a hint that auto-merge must be enabled on repository-level?
from fetch-metadata.
Related Issues (20)
- Fetch Metadata action returns null update-type output for pull requests HOT 14
- Auto-merge not adhering to Branch Protection Rules HOT 3
- Error: Api Error: (404) Not Found HOT 1
- Package ecosystem output for gitsubmodules PRs is inconsistent with dependabot.yml
- `new-version` has trailing whitespace
- Allow for additional event types / Ignore "pull-request"+"pull-request-target" event types? HOT 1
- Support `newVersion` and `prevVersion` for updates with multiple dependencies HOT 2
- Error: github-token is not set! Please add 'github-token: "${{ secrets.GITHUB_TOKEN }}"' to your workflow file. HOT 1
- Add `severity` to the action outputs
- Add alert number to outputs HOT 1
- Alert metadata lookup not working as expected HOT 2
- `fetch-metadata` action returns `/` for directory output HOT 1
- `fetch-metadata` can not fetch metadata when using `workflow_run` event HOT 1
- Directory name is not properly extracted from branch name when using `-` separator. HOT 1
- Multi-segment directory name malformed when using non-standard separator.
- github actor is not dependabot when rerunning the job HOT 1
- Dependabot "update-type" not available in metadata retrieved for PR HOT 6
- Dependabot runs fail due to strict node and npm pinning HOT 5
- Include "outputs.publish-date" HOT 1
- output directory set to target branch name HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fetch-metadata.