From 20bf7a7a8a27b74f5e3a9fd808c9dada967633c9 Mon Sep 17 00:00:00 2001
From: Kaviraj Kanagaraj <kavirajkanagaraj@gmail.com>
Date: Tue, 15 Aug 2023 12:13:19 +0200
Subject: [PATCH] dependabot: Re-enable `auto-merge`. (#10244)

**What this PR does / why we need it**:
I reverted back auto merge, because of permission issues with "who" can
push to the repo.

After some internal discussion, we decided to use `grafanabot` for
enabling auto-merge. This PR does that.

**Which issue(s) this PR fixes**:
Fixes #<issue number>

**Special notes for your reviewer**:

**Checklist**
- [x] Reviewed the
[`CONTRIBUTING.md`](https://github.com/grafana/loki/blob/main/CONTRIBUTING.md)
guide (**required**)

Signed-off-by: Kaviraj <kavirajkanagaraj@gmail.com>
---
 .github/workflows/dependabot_reviewer.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/dependabot_reviewer.yml b/.github/workflows/dependabot_reviewer.yml
index ae6bc4460707f..f624d4c7f5123 100644
--- a/.github/workflows/dependabot_reviewer.yml
+++ b/.github/workflows/dependabot_reviewer.yml
@@ -24,10 +24,11 @@ jobs:
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 
-      - name: Approve the dependabot PR
+      - name: Approve and auto-merge the dependabot PR
         run: |
+          gh pr merge --auto --squash "$PR_URL"
           gh pr review $PR_URL \
           --approve -b "Auto approve dependencies bump PR"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{secrets.GH_BOT_ACCESS_TOKEN}}