.github/workflows/test-and-merge.yml

name: Test and merge

on:
  push:
    branches:
      - main
  pull_request:

jobs:
  tests:
    runs-on: macos-12

    steps:
      - name: Checking out repo...
        uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Installing required packages...
        run: brew install openssl curl

      - name: Cache Vagrant boxes
        uses: actions/cache@v4
        with:
          path: ~/.vagrant.d/boxes
          key: ${{ runner.os }}-vagrant-${{ hashFiles('Vagrantfile') }}
          restore-keys: |
            ${{ runner.os }}-vagrant-

      - name: Generate SSH key if not exist
        run: |
          if [[ ! -f "~/.ssh/id_rsa" ]]; then
            ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
          fi;

      - name: Show Vagrant version
        run: vagrant --version

      - name: Run vagrant up
        run: vagrant up

      - name: test if running
        run: |
          curl_code=$(curl -Is http://localhost:8000/ | head -1 | grep -o '[0-9][0-9][0-9]');         
          echo "::set-output name=curl_code::$curl_code";
          [[ "$curl_code" == "200" ]] || [[ "$curl_code" == "302" ]];

      - name: Run vagrant halt
        run: vagrant halt --force

  dependabot:
    needs: tests
    permissions:
      pull-requests: write
      contents: write
    runs-on: ubuntu-latest
    # Checking the actor will prevent your Action run failing on non-Dependabot
    # PRs but also ensures that it only does work for Dependabot PRs.
    if: ${{ github.actor == 'dependabot[bot]' }}
    steps:
      # This first step will fail if there's no metadata and so the approval
      # will not occur.
      - name: Dependabot metadata
        id: dependabot-metadata
        uses: dependabot/fetch-metadata@v2.2.0
        with:
          github-token: "${{ secrets.GITHUB_TOKEN }}"
      # Here the PR gets approved.
      - name: Approve a PR
        run: gh pr review --approve "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # Finally, this sets the PR to allow auto-merging for patch and minor
      # updates if all checks pass
      - name: Enable auto-merge for Dependabot PRs
        # if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
        run: gh pr merge --auto --squash "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}