From 8028caf8c6b520c11657211dfdbcc565b43627cb Mon Sep 17 00:00:00 2001
From: Will Murphy <will.murphy@anchore.com>
Date: Fri, 8 Dec 2023 15:47:56 -0500
Subject: [PATCH] chore: fix dependabot auto-merge workflow

The workflow needs to approve the PR, and it needs to request a squash
type merge, because that's required by branch protection rules.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
---
 .github/workflows/dependabot-auto-merge.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/dependabot-auto-merge.yaml b/.github/workflows/dependabot-auto-merge.yaml
index cfd7e25..3ef251d 100644
--- a/.github/workflows/dependabot-auto-merge.yaml
+++ b/.github/workflows/dependabot-auto-merge.yaml
@@ -19,7 +19,7 @@ jobs:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs
         if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor'
-        run: gh pr merge --auto --merge "$PR_URL"
+        run: gh pr merge --auto --squash "$PR_URL" && gh pr review --approve "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}