Add Dependabot Automerge workflow #271

Draft
leynos wants to merge 1 commit into main from terragon/add-dependabot-automerge-workflow-7zprid
@leynos leynos commented Jan 16, 2026

Summary

  • Adds Dependabot Automerge workflow to the repository
  • Uses the shared-actions workflow to automate merging Dependabot PRs
  • Triggers on pull_request_target and supports manual dispatch via workflow_dispatch
  • Grants necessary permissions for repository contents and pull requests

Changes

Workflow

  • File added: .github/workflows/dependabot-automerge.yml
  • Triggers: pull_request_target, workflow_dispatch
  • Permissions:
    • contents: write
    • pull-requests: write
  • Automation:
    • Delegates to external workflow: leynos/shared-actions/.github/workflows/dependabot-automerge.yml@235d2d07b9a321364a742310873f6732d7228e72

Security / Dependency

  • Pins the shared workflow to a specific commit for reproducibility

Test plan

  • Validate the workflow file exists in the repo
  • Ensure the workflow is triggered by Dependabot PRs via pull_request_target
  • Verify automerge occurs when all checks pass and approvals are in place
  • Confirm manual dispatch via workflow_dispatch works as expected

🌿 Generated by Terry


ℹ️ Tag @terragon-labs to ask questions and address PR feedback

📎 Task: https://www.terragonlabs.com/task/22fc02e6-d7a7-4071-9c8b-57dfde1e07b9

Summary by Sourcery

CI:

  • Introduce a Dependabot automerge GitHub Actions workflow triggered on Dependabot pull_request_target events and manual workflow_dispatch, with appropriate write permissions and a pinned shared workflow reference.

Add a new GitHub Actions workflow to enable automatic merging of Dependabot pull requests, improving dependency update automation.

Co-authored-by: terragon-labs[bot] <terragon-labs[bot]@users.noreply.github.com>
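
An audit of the three properties this PR relies on (the `pull_request_target` trigger, write permissions, and a commit-pinned `uses` reference), as an added example that is not code from the PR or from leynos/shared-actions. The sample workflow text, its job name and the function names are constructed for illustration; only the trigger names, the permissions and the pinned reference come from the PR description.

```python
import re

# Constructed sample approximating the workflow the PR describes. The job
# name and layout are assumptions; the `uses` reference is from the PR text.
SAMPLE = """\
name: Dependabot Automerge
on:
  pull_request_target:
  workflow_dispatch:
permissions:
  contents: write
  pull-requests: write
jobs:
  automerge:
    uses: leynos/shared-actions/.github/workflows/dependabot-automerge.yml@235d2d07b9a321364a742310873f6732d7228e72
"""
# Constructed counter-example: the same workflow following a mutable branch.
MUTABLE_SAMPLE = re.sub(r"@[0-9a-f]{40}", "@main", SAMPLE)

USES_RE = re.compile(r"^[ \t]*(?:-[ \t]*)?uses:[ \t]*['\"]?([^\s'\"]+)", re.M)
WRITE_RE = re.compile(r"^[ \t]*([\w-]+):[ \t]*write(?:-all)?[ \t]*$", re.M)
PINNED_RE = re.compile(r"@[0-9a-f]{40}$")  # full 40-hex commit SHA only


def audit_workflow(text):
    """Report privileged trigger, write scopes and non-SHA-pinned references."""
    # Drop full-line and trailing comments so commented-out keys are ignored.
    body = "\n".join(
        line.split(" #")[0].rstrip()
        for line in text.splitlines()
        if not line.lstrip().startswith("#")
    )
    privileged = re.search(r"\bpull_request_target\b", body) is not None
    write_scopes = sorted(set(WRITE_RE.findall(body)))
    # Local (./) and docker:// references are not resolved through a git ref.
    refs = [r for r in USES_RE.findall(body)
            if not r.startswith(("./", "docker://"))]
    unpinned = [r for r in refs if not PINNED_RE.search(r)]
    return {
        "privileged_trigger": privileged,
        "write_scopes": write_scopes,
        "unpinned": unpinned,
        # Write-scoped token + privileged trigger + code that can change
        # underneath the caller is the combination worth blocking in review.
        "risky": privileged and bool(write_scopes) and bool(unpinned),
    }


if __name__ == "__main__":
    print(audit_workflow(SAMPLE))
    print(audit_workflow(MUTABLE_SAMPLE))
```

Tags and abbreviated SHAs are reported as unpinned, because only a full commit SHA fixes the code that runs with the write-scoped token.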

sourcery-ai Bot commented Jan 16, 2026

Reviewer's Guide

Adds a new GitHub Actions workflow that delegates Dependabot PR automerging to a shared, pinned reusable workflow, triggered on Dependabot-targeted pull requests and via manual dispatch, with appropriate repository and PR write permissions.

Sequence diagram for Dependabot PR automerge workflow

sequenceDiagram
  actor Dependabot
  actor Maintainer
  participant Repo
  participant Workflow as Dependabot_Automerge_Workflow
  participant Reusable as Shared_Reusable_Workflow

  Dependabot->>Repo: Open pull_request_target PR
  Repo-->>Workflow: Trigger on pull_request_target

  Maintainer->>Repo: Optional manual workflow_dispatch
  Repo-->>Workflow: Trigger on workflow_dispatch

  Workflow->>Reusable: Invoke reusable workflow with commit pin
  Reusable->>Repo: Check PR status and approvals
  Reusable->>Repo: Use contents write permission
  Reusable->>Repo: Use pull-requests write permission
  Reusable->>Repo: Merge Dependabot PR when conditions satisfied

File-Level Changes

Change: Introduce Dependabot automerge workflow using a shared reusable workflow.

Details:
  • Add a new GitHub Actions workflow definition for Dependabot automerge
  • Configure triggers for pull_request_target and manual workflow_dispatch
  • Grant contents: write and pull-requests: write permissions to the workflow
  • Define a single job that calls the external shared workflow pinned to a specific commit SHA for reproducibility and security

Files: .github/workflows/dependabot-automerge.yml



coderabbitai Bot commented Jan 16, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@codescene-delta-analysis codescene-delta-analysis Bot left a comment

No application code in the PR — skipped Code Health checks.

See analysis details in CodeScene

Quality Gate Profile: Pay Down Tech Debt