fix: improve dependabot auto-merge with better error handling by MitaliBhalla · Pull Request #863 · openshift/backplane-cli
openshift-ci
bot
added
the
approved
label
Dec 9, 2025
- Add missing checkout step to fix 'fatal: not a git repository' error - Add required permissions (metadata: read, actions: read) for auto-merge - Improve error handling with GitHub API and graceful fallback behavior - Add informative comments to PRs when auto-merge fails due to permissions - Ensure workflow doesn't fail when auto-merge permissions are insufficient Fixes dependabot auto-merge workflow failures and provides better user experience.
- Add repository check to prevent workflow from running on forks - Fixes unwanted failure notifications on personal forks - Ensures workflow only runs on openshift/backplane-cli where intended
- Use environment variable reference instead of direct secret interpolation - Add explicit comments about automatic token masking - Add silent flag to curl commands to reduce log verbosity - Addresses security concerns about token exposure in public repo logs Co-authored-by: feichashao
- Remove X-GitHub-Api-Version header to avoid version binding - GitHub REST API is backward compatible and version header is optional - Simplifies API calls and reduces maintenance overhead
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters