From 9e5c122f747d98900ea1bdf560d61c84d7622659 Mon Sep 17 00:00:00 2001
From: Guillaume Lours <guillaume.lours@docker.com>
Date: Wed, 19 Aug 2020 15:29:12 +0200
Subject: [PATCH] Update dependabot PR to update go.sum file

Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
---
 .github/workflows/ci.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 372f66dd7..2715f5535 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,6 +18,24 @@ jobs:
       - name: Checkout code into the Go module directory
         uses: actions/checkout@v2
 
+      # https://github.com/dependabot/dependabot-core/issues/1995
+      - name: Update dependabot PR
+        if: github.event.pusher.name == 'dependabot-preview'
+        run: |
+          git config --local user.email "compose-cli-ci@docker.com"
+          git config --local user.name "CI GitHub Action"
+          go mod tidy -v
+          git add .
+          git commit -sm'Update go.sum after dependabot PR'
+
+      - name: Update dependabot PR if needed
+        if: github.event.pusher.name == 'dependabot-preview'
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.ref }}
+          force: false
+
       - name: Validate go-mod is up-to-date and license headers
         run: make validate