From e590b491fce2379115e06b8f18f6afa9c20c4a7f Mon Sep 17 00:00:00 2001 From: Christophe Date: Mon, 22 Apr 2024 15:51:57 +0200 Subject: [PATCH 1/5] DX-208 --- .github/workflows/automerge-dependabot.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/automerge-dependabot.yml b/.github/workflows/automerge-dependabot.yml index d80acc0..94a26b4 100644 --- a/.github/workflows/automerge-dependabot.yml +++ b/.github/workflows/automerge-dependabot.yml @@ -25,15 +25,19 @@ jobs: with: github-token: "${{ secrets.github-token }}" - - name: Approve a PR - run: gh pr review --approve "$PR_URL" + - name: Check PR checks + run: | + PR_URL="${{ github.event.pull_request.html_url }}" + if gh pr checks "$PR_URL" --json conclusion | grep -q '"conclusion": "FAILURE"'; then + echo "Failed checks detected, stopping automerge." + exit 1 + fi env: - PR_URL: ${{ github.event.pull_request.html_url }} GITHUB_TOKEN: ${{ secrets.github-token }} - name: Enable auto-merge for Dependabot PRs if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }} - run: gh pr merge --auto --squash "$PR_URL" + run: gh pr merge --auto --squash --admin "$PR_URL" env: PR_URL: ${{ github.event.pull_request.html_url }} GITHUB_TOKEN: ${{ secrets.github-token }} From 699738009a105da0d7ccfbe44656c5dd80b7f7cc Mon Sep 17 00:00:00 2001 From: Christophe Date: Mon, 22 Apr 2024 16:05:46 +0200 Subject: [PATCH 2/5] DX-208 --- .../automerge-dependabot-with-codeowners.yml | 40 +++++++++++++++++++ .github/workflows/automerge-dependabot.yml | 10 ++--- 2 files changed, 43 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/automerge-dependabot-with-codeowners.yml diff --git a/.github/workflows/automerge-dependabot-with-codeowners.yml b/.github/workflows/automerge-dependabot-with-codeowners.yml new file mode 100644 index 0000000..3914043 --- /dev/null +++ b/.github/workflows/automerge-dependabot-with-codeowners.yml 
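Review bot: The new `Check PR checks` gate fails open, and the merge step that follows it now carries `--admin`. The step exits 1 only when `grep` finds the literal `"conclusion": "FAILURE"`, so checks that are still pending, a `gh` error, or JSON printed without the space after the colon (if gh emits it compactly) all fall through to the merge. `gh pr merge --admin` asks for a merge with administrator privileges even when branch-protection requirements are not met, and with the `gh pr review --approve` step removed this grep is the only gate left. I would keep `run: gh pr merge --auto --squash "$PR_URL"` and let the branch's required checks do the gating. The same flag appears in the new automerge-dependabot-with-codeowners.yml added in patch 2/5, and the job's `steps:` list starts above this hunk.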
@@ -0,0 +1,40 @@ +--- +name: Auto-merge dependabot PR's + +on: + workflow_call: + secrets: + github-token: + required: true + +permissions: + pull-requests: write + contents: write + +jobs: + dependabot: + name: Dependabot auto-merge + runs-on: [self-hosted, nonroot] + timeout-minutes: 15 + if: ${{ github.actor == 'dependabot[bot]' }} + + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v2.0.0 + with: + github-token: "${{ secrets.github-token }}" + + - name: Check PR checks + run: | + PR_URL="${{ github.event.pull_request.html_url }}" + gh pr checks $PR_URL --required --required --watch --fail-fast > /dev/null + env: + GITHUB_TOKEN: ${{ secrets.github-token }} + + - name: Enable auto-merge for Dependabot PRs + if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }} + run: gh pr merge --auto --squash --admin "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.github-token }} diff --git a/.github/workflows/automerge-dependabot.yml b/.github/workflows/automerge-dependabot.yml index 94a26b4..34c06bc 100644 --- a/.github/workflows/automerge-dependabot.yml +++ b/.github/workflows/automerge-dependabot.yml @@ -25,14 +25,10 @@ jobs: with: github-token: "${{ secrets.github-token }}" - - name: Check PR checks - run: | - PR_URL="${{ github.event.pull_request.html_url }}" - if gh pr checks "$PR_URL" --json conclusion | grep -q '"conclusion": "FAILURE"'; then - echo "Failed checks detected, stopping automerge." - exit 1 - fi + - name: Approve a PR + run: gh pr review --approve "$PR_URL" env: + PR_URL: ${{ github.event.pull_request.html_url }} GITHUB_TOKEN: ${{ secrets.github-token }} - name: Enable auto-merge for Dependabot PRs From 9a5a069d08d19c9bbc619e9f73b4e2b1901aad3b Mon Sep 17 00:00:00 2001 From: Christophe Date: Mon, 22 Apr 2024 16:10:26 +0200 Subject: [PATCH 3/5] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) 
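Review bot: The job's only trust check in the new automerge-dependabot-with-codeowners.yml is `if: ${{ github.actor == 'dependabot[bot]' }}`, and `github.actor` names whoever triggered the run, not the author of the pull request. For a job that holds `contents: write` and `pull-requests: write`, runs on a self-hosted runner and merges with `--admin`, I would also require the PR author: `if: ${{ github.actor == 'dependabot[bot]' && github.event.pull_request.user.login == 'dependabot[bot]' }}`. This assumes the caller runs on a pull_request event, which the existing `github.event.pull_request.html_url` references already rely on. Pinning `dependabot/fetch-metadata@v2.0.0` to a full commit SHA would also keep the step that receives the token from following a moved tag.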
diff --git a/README.md b/README.md index dc0acfa..db3b6b1 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,7 @@ jobs: ## Merge dependabot PRs automatically To auto-merge Dependabot PRs, add this to the end of your lint and test workflow so that the automerge only gets triggered after the tests are successful: +If you have codeowners on your project change for automerge-dependabot-with-codeowners.yml@main ```yaml automerge: From da73e4a175be84d20652082e4898f8723ac727d3 Mon Sep 17 00:00:00 2001 From: Christophe Date: Mon, 22 Apr 2024 16:15:02 +0200 Subject: [PATCH 4/5] Update automerge-dependabot.yml --- .github/workflows/automerge-dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/automerge-dependabot.yml b/.github/workflows/automerge-dependabot.yml index 34c06bc..d80acc0 100644 --- a/.github/workflows/automerge-dependabot.yml +++ b/.github/workflows/automerge-dependabot.yml @@ -33,7 +33,7 @@ jobs: - name: Enable auto-merge for Dependabot PRs if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }} - run: gh pr merge --auto --squash --admin "$PR_URL" + run: gh pr merge --auto --squash "$PR_URL" env: PR_URL: ${{ github.event.pull_request.html_url }} GITHUB_TOKEN: ${{ secrets.github-token }} From 38c281c7da6ec04913ac7387c7d89a27c1f12b7e Mon Sep 17 00:00:00 2001 From: Christophe Date: Tue, 23 Apr 2024 11:37:17 +0200 Subject: [PATCH 5/5] Update automerge-dependabot-with-codeowners.yml --- .github/workflows/automerge-dependabot-with-codeowners.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/automerge-dependabot-with-codeowners.yml b/.github/workflows/automerge-dependabot-with-codeowners.yml index 3914043..302c2b7 100644 --- a/.github/workflows/automerge-dependabot-with-codeowners.yml +++ b/.github/workflows/automerge-dependabot-with-codeowners.yml 
@@ -24,11 +24,11 @@ jobs: uses: dependabot/fetch-metadata@v2.0.0 with: github-token: "${{ secrets.github-token }}" - + - name: Check PR checks run: | PR_URL="${{ github.event.pull_request.html_url }}" - gh pr checks $PR_URL --required --required --watch --fail-fast > /dev/null + gh pr checks $PR_URL --required --watch --fail-fast > /dev/null env: GITHUB_TOKEN: ${{ secrets.github-token }}
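Review bot: The rewritten `gh pr checks` line still passes `$PR_URL` unquoted and sends its output to `/dev/null`, so when a required check fails the job stops without the log showing which check it was. `PR_URL` is also set by expanding `${{ github.event.pull_request.html_url }}` inside the script text, while the merge step of the same workflow passes it through `env:`, which keeps event data out of the shell source. I would add `PR_URL: ${{ github.event.pull_request.html_url }}` under this step's `env:` and run `gh pr checks "$PR_URL" --required --watch --fail-fast` without the redirect. The job definition starts above this hunk and continues below it.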