Merge pull request #38 from StatusCakeDev/update-policies

ci: update policies

.github/dependabot.yaml

@@ -4,7 +4,7 @@ updates:
 - package-ecosystem: github-actions
   directory: /
   schedule:
-    interval: monthly
+    interval: weekly
   commit-message:
     prefix: ci(deps)
 - package-ecosystem: npm

.github/workflows/auto-merge.yaml

@@ -0,0 +1,48 @@
+---
+name: auto-merge
+on:
+  pull_request:
+permissions:
+  contents: write
+  pull-requests: write
+jobs:
+  check-can-auto-merge:
+    if: github.triggering_actor == 'dependabot[bot]'
+    name: Check if PR can be auto-merged
+    runs-on: ubuntu-latest
+    outputs:
+      can-auto-merge: ${{ steps.can-auto-merge.outputs.approve }}
+    steps:
+    - uses: dependabot/[email protected]
+      id: dependabot-metadata
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+    - if: |
+        steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' ||
+        steps.dependabot-metadata.outputs.package-ecosystem == 'github_actions'
+      id: can-auto-merge
+      run: echo "approve=true" >> $GITHUB_OUTPUT
+  auto-merge:
+    needs: check-can-auto-merge
+    if: needs.check-can-auto-merge.outputs.can-auto-merge == 'true'
+    name: Auto merge pull requests
+    runs-on: ubuntu-latest
+    steps:
+    - uses: dependabot/[email protected]
+      id: dependabot-metadata
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+    - name: Approve Dependabot PR
+      run: gh pr review --approve "${PR_URL}"
+      env:
+        PR_URL: ${{ github.event.pull_request.html_url }}
+        # Because we enforce PRs be approved by a code owner, a token from the
+        # operations team must be used to approve the PR. This token is from the
+        # StatusCake machine account which has been given membership to the
+        # operations team.
+        GITHUB_TOKEN: ${{ secrets.MACHINE_TOKEN }}
+    - name: Enable auto-merge for Dependabot PR
+      run: gh pr merge --auto --merge "${PR_URL}"
+      env:
+        PR_URL: ${{ github.event.pull_request.html_url }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.yamlfmt

@@ -0,0 +1,18 @@
+# vi: ft=yaml
+---
+exclude:
+- node_modules/
+- src/spec/
+formatter:
+  type: basic
+  # There is a "bug" with the behaviour of this option that will move file head
+  # comments below the initial document start. For example front matter is
+  # rearraged and therefore misplaced in the file. This behaviour prevents
+  # `ymalfmt` from being run in CI or automatically in code editors.
+  include_document_start: true
+  indentless_arrays: true
+  pad_line_comments: 2
+  # There is missing functionality in `yamlfmt` to remove redundantly quoted
+  # strings from YAML documents, and prefer the use of double quotes (or
+  # whatever is configured). This means further manual effort is required to
+  # correct files.

.yamllint

@@ -5,6 +5,8 @@ ignore: |
   node_modules/
   src/spec/
 rules:
+  document-start:
+    level: error
   indentation:
     indent-sequences: false
     spaces: 2

src/spec/openapi.yaml

@@ -1,7 +1,7 @@
 ---
 swagger: "2.0"
 info:
-  title: "Dummy API"
+  title: Dummy API
   description: |
     This is a dummy API schema document. To render the schema available in
     production replace `src/spec/openapi.yaml` with the file found