Last active
May 6, 2023 13:22
-
-
Save Purpzie/8ed86ae38c73f440881bbee0523a324b to your computer and use it in GitHub Desktop.
Action to update pnpm-lock.yaml when Dependabot opens a PR. Be warned that this may cause lots of merge conflicts.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/dependabot/dependabot-core/issues/1736 | |
| name: Dependabot | |
| on: pull_request_target | |
| permissions: read-all | |
| jobs: | |
| update-lockfile: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| steps: | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: ^7 | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - run: pnpm i --lockfile-only | |
| - run: | | |
| git config --global user.name github-actions[bot] | |
| git config --global user.email github-actions[bot]@users.noreply.github.com | |
| git add pnpm-lock.yaml | |
| git commit -m "Update pnpm-lock.yaml" | |
| git push |
Hi, using the code in the project it gave me the error when trying to update a repo with ssh, showing the error below:
ERROR Command failed with exit code 128: git ls-remote --refs git+ssh://[email protected]/xxxxxxxx/xxxxxxx.git
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Can you help me with this error?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I was running to some workflow issues with this approach. The only thing I would recommend adding is a Personal Access Token to ensure that
pushworkflows are called properly.