# License: LGPL-3.0-or-later
name: Dependabot Ruby
env:
  node: 14.6.0
  os: ubuntu-latest
on: 
  pull_request:
    paths:
      - "Gemfile"
      - "Gemfile.lock"
jobs:
  dependabot:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest]
        node: [14.6.0]
        ruby: [2.6.6]
    if: github.actor == 'dependabot[bot]'
    steps:
      - uses: actions/checkout@v2
        with:
          token: ${{ secrets.NOTICE_WORKER_PAT }}
      - run: yarn install --frozen-lockfile
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby }}
      - uses: actions/cache@v2
        name: Use Gem cache
        with:
          path: vendor/bundle
          key: bundle-use-ruby-${{ matrix.os }}-${{ matrix.ruby }}-${{ hashFiles('**/Gemfile.lock') }}
          restore-keys: |
            bundle-use-ruby-${{ matrix.os }}-${{ matrix.ruby }}-
      - run: |
          bundle config path vendor/bundle
          bundle install --jobs 4
      - name: rebuild NOTICE-ruby
        run: bin/rails notice:ruby:update
      - name: commit and push to branch
        run: | 
          git config --global user.name 'Houdini NOTICE-ruby worker'
          git config --global user.email 'wwahammy@users.noreply.github.com'
          git commit -am "Updated NOTICE-ruby (Houdini NOTICE-ruby worker)"
          git push