ridedott/merge-me-action

Doesn't merge pull requests with default settings

glowacki-dev opened this issue · 2 comments

glowacki-dev commented

How would you describe the issue?

I'm using github's built-in dependabot and added merge-me according to documentation. The action doesn't seem to properly recognise dependabot as commits author out of the box.

How can we reproduce the issue?

  1. Create new job using default settings
jobs:
  merge-me:
    name: Merge me!
    runs-on: ubuntu-latest
    steps:
      - name: Merge me!
        uses: ridedott/merge-me-action@v2.6.1
        with:
          GITHUB_TOKEN: ${{ secrets.AUTO_MERGE_TOKEN }}

What are the expected results?

dependabot PRs get merged

What are the actual results?

Job fails with the following output:

Automatic merges enabled for GitHub login: dependabot.
Found pull request information: {"authorLogin":"dependabot","commitAuthorName":"dependabot[bot]","commitMessage":"Bump @sentry/node from 6.2.4 to 6.2.5\n\nBumps [@sentry/node](https://github.com/getsentry/sentry-javascript) from 6.2.4 to 6.2.5.\n- [Release notes](https://github.com/getsentry/sentry-javascript/releases)\n- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.4...6.2.5)\n\nSigned-off-by: dependabot[bot] <support@github.com>","commitMessageHeadline":"Bump @sentry/node from 6.2.4 to 6.2.5","mergeableState":"MERGEABLE","merged":false,"pullRequestId":"MDExOlB1bGxSZXF1ZXN0NjExMjQ4NzIz","pullRequestState":"OPEN","pullRequestTitle":"Bump @sentry/node from 6.2.4 to 6.2.5","reviewEdges":[]}.
Pull request changes were not made by dependabot.

How much does it hurt?

Just setting GITHUB_LOGIN to dependabot[bot] (which is commitAuthorName) prevents the job from running since PR author doesn't match anymore:

Automatic merges enabled for GitHub login: dependabot[bot].
Pull request created by dependabot, not dependabot[bot], skipping.

However, it's possible to workaround this with micromatch:

GITHUB_LOGIN: '(dependabot|dependabot\[bot\])'

Here's an example workflow that failed https://github.com/mavend/octoboard/runs/2307117681?check_suite_focus=true and it's job definition https://github.com/mavend/octoboard/actions/runs/733497847/workflow

And a workflow with workaround that merged the PR https://github.com/mavend/octoboard/runs/2307312762?check_suite_focus=true and it's job definition https://github.com/mavend/octoboard/actions/runs/733570773/workflow

mjroeleveld commented

Thanks for the report, this should be fixed with #861. Could you confirm?

glowacki-dev commented

Yup, works great with default settings now 👍