name: Update Lockfiles for Dependabot Monorepo PRs

on:
  pull_request:
    paths:
      - 'superset-frontend/packages/**/package.json'
      - 'superset-frontend/plugins/**/package.json'
    # Trigger this workflow when Dependabot creates a pull request
    types: [opened, synchronize, reopened]

jobs:
  update-lock-file:
    runs-on: ubuntu-latest
    if: github.event.pull_request.user.login == 'dependabot[bot]' # Ensure it only runs for Dependabot PRs
    defaults:
      run:
        working-directory: superset-frontend
    steps:
      - name: Checkout Code
        uses: actions/checkout@v2
        with:
          ref: ${{ github.head_ref }} # Checkout the branch that made the PR

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '16'

      - name: Install Dependencies and Update Lock File
        run: |
          npm install

      - name: Commit and Push Changes
        run: |
          git config user.name "GitHub-Actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git add package-lock.json
          # Push the changes back to the branch if they exist, and pass if there are no changes
          git diff --staged --quiet || (git commit -m "Update lock file for Dependabot PR" -a && git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} ${{github.head_ref}})