Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Batch Dependabot PRs #19745

Merged
merged 8 commits into from
Jan 5, 2023
Merged

Batch Dependabot PRs #19745

merged 8 commits into from
Jan 5, 2023

Conversation

rosstimothy
Copy link
Contributor

@rosstimothy rosstimothy commented Dec 30, 2022
edited
Loading

Leverages https://github.com/Legal-and-General/dependabot-batcher to create and/or maintain a merged PR (and branch) of all the Dependabot PRs and close them as they are merged in, leaving a single Dependabot PR behind.

The Dependabot schedule is set for Sunday at 9:00am and the batcher workflow is configured to run Sunday at 9:00pm.

All workflows that run on pull requests open have been configured to ignore branches prefixed with dependabot/. Since the dependabot PRs are all going to be closed and batched there is no need to waste CI minutes on them. Any new workflows will require the same check to prevent running on dependabot PRs.

codingllama
codingllama approved these changes Jan 3, 2023
View reviewed changes
Copy link
Contributor

@codingllama codingllama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for putting this together. LGTM.

.github/dependabot.yml Show resolved Hide resolved
.github/dependabot.yml Outdated Show resolved Hide resolved
.github/workflows/dependabot-batcher.yaml Outdated Show resolved Hide resolved
@rosstimothy
Batch Dependabot PRs
00034eb 
Leverages https://github.com/Legal-and-General/dependabot-batcher
to create and/or maintain a merged PR (and branch) of all the
Dependabot PRs and close them as they are merged in, leaving a
single Dependabot PR behind.

The Dependabot schedule is set for Sunday at 9:00am and the batcher
workflow is configured to run Sunday at 9:00pm.

All workflows that run on pull requests open have been configured
to ignore branches prefixed with `dependabot/`. Since the dependabot PRs
are all going to be closed and batched there is no need to waste CI
minutes on them. Any new workflows will require the same check to
prevent running on dependabot PRs.
@rosstimothy rosstimothy marked this pull request as ready for review January 4, 2023 20:16
@rosstimothy rosstimothy enabled auto-merge (squash) January 5, 2023 13:05
@rosstimothy rosstimothy merged commit 3ebbfdd into master Jan 5, 2023
@rosstimothy rosstimothy deleted the tross/dependabot_batcher branch January 5, 2023 13:29
@pauleustice
Copy link

@rosstimothy I'm one of the creators of the Dependabot Batcher. Please let us know how you get on with it, and if you have any suggestions!

reedloden added a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check
b564e9f 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
@reedloden reedloden mentioned this pull request Nov 28, 2023
Merged
github-merge-queue bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check (#35066)
0d4f6d1 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-actions bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check
58b071c 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-actions bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check
f4e0694 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-actions bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check
0276869 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-merge-queue bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check (#35087)
2c8c2e4 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-merge-queue bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check (#35086)
39854ca 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
github-merge-queue bot pushed a commit that referenced this pull request Nov 28, 2023
@reedloden
Remove bypass for dependabot on dependency-review check (#35085)
fe04d4b 
The bypass `if` for dependabot PRs added in #19745 is failing `dependency-review` due
to this workflow effectively just proxying to another workflow in `shared-workflows`.
This is causing the workflow to not run at all, and since it's required, it's causing
dependabot PRs to not pass status checks. Remove the bypass for now to make checks
pass again.
@wadells wadells mentioned this pull request Dec 29, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codingllama codingllama codingllama approved these changes

@zmb3 zmb3 zmb3 approved these changes

@klizhentas klizhentas Awaiting requested review from klizhentas klizhentas is a code owner

@russjones russjones Awaiting requested review from russjones russjones is a code owner

@r0mant r0mant Awaiting requested review from r0mant r0mant is a code owner

Assignees
No one assigned
Labels
size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rosstimothy @pauleustice @zmb3 @codingllama