From cb94b5dc3d640249e32a50c6e4347bba461c81b0 Mon Sep 17 00:00:00 2001
From: Nextcloud bot <bot@nextcloud.com>
Date: Fri, 5 Aug 2022 12:51:31 +0000
Subject: Updating dependabot-approve-merge.yml workflow from template

Signed-off-by: Nextcloud bot <bot@nextcloud.com>
---
 .github/workflows/dependabot-approve-merge.yml | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

(limited to '.github')

diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
index 53ccf2ca..0d6e3434 100644
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -7,23 +7,30 @@ name: Dependabot
 
 on:
   pull_request_target:
-     branches:
+    branches:
       - main
+      - master
       - stable*
 
+permissions:
+  contents: read
+
 jobs:
-  auto-merge:
+  auto-approve-merge:
+    if: github.actor == 'dependabot[bot]'
     runs-on: ubuntu-latest
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write 
+
     steps:
-      # Default github action approve
+      # Github actions bot approve
       - uses: hmarr/auto-approve-action@v2
-        if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
       # Nextcloud bot approve and merge request
       - uses: ahmadnassri/action-dependabot-auto-merge@v2
-        if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
         with:
           target: minor
           github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}
-- 
cgit v1.2.3