opentelemetry-go icon indicating copy to clipboard operation
opentelemetry-go copied to clipboard
verified publisher icon open-telemetry

use github actions to auto-update dependabot branches

Open lizthegrey opened this issue 5 years ago • 2 comments

we have (for good reason) "must be in sync with base" to merge, but this results in manual work when trying to merge dependabot updates.

lizthegrey avatar Jun 22 '20 17:06 lizthegrey

As I understand it, dependabot will try to rebase its own PRs so long as commits from "others" have not been made to the PR.

The mod-tidier github workflow is currently configured to run only when a PR branch is labelled with "dependencies". My understanding (yet to be thoroughly vetted) is that

  1. dependabot creates the PR and then labels it with "dependencies".
  2. The mod-tidier github workflow will run and, if it finds any other go.sum files that need to be updated, then will perform its "auto-commit" under the auspices of the most recent committer (in this case, it would be dependabot).

Whether this counts as a commit by "other users" is something I'm yet to ascertain.

If I'm understanding the issue correctly, it may be best to wait until the next "auto-PR open" by dependabot happens, and then see what mod-tidier does with it - whether dependabot will still continue to rebase after mod-tidier runs.

evantorrie avatar Jun 22 '20 21:06 evantorrie

The problem is even if there isn't a conflict, it's necessary to merge. Dependabot knows how to rebase on conflict, but not if there are no conflicts.

lizthegrey avatar Jun 22 '20 21:06 lizthegrey

It seems like this issue is resolved with #2997, since we now have a single PR for all dependabot upgrades.

dmathieu avatar Aug 29 '22 12:08 dmathieu

Closed with #2997

MrAlias avatar Aug 29 '22 15:08 MrAlias