name: Update Lockfiles for Dependabot Monorepo PRs

on:
  pull_request:
    paths:
      - 'superset-frontend/packages/**/package.json'
      - 'superset-frontend/plugins/**/package.json'
    types: [opened, synchronize, reopened]
  issue_comment:
    types: [created]

# cancel previous workflow jobs for PRs
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.issue.number || github.run_id }}
  cancel-in-progress: true

jobs:
  update-lock-file:
    runs-on: ubuntu-latest
    if: >
      (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]') ||
      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@supersetbot trigger-dependabot-lockfile') && github.event.issue.pull_request)
    defaults:
      run:
        working-directory: superset-frontend
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref || github.head_ref }} # Checkout the branch that made the PR or the comment's PR branch

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '16'

      - name: Install Dependencies and Update Lock File
        run: |
          npm install

      - name: Commit and Push Changes
        run: |
          git config user.name "GitHub-Actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git add package-lock.json
          # Push the changes back to the branch if they exist, and pass if there are no changes
          git diff --staged --quiet || (git commit -m "Update lock file for Dependabot PR" -a && git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} ${{ github.event.pull_request.head.ref || github.head_ref }})