I’m trying to set up automation for the Renovate bot to automatically merge all the pull requests that contain minor and patch dependency updates.

Here is my renovate.json configuration

{
  ...
  "packageRules": [
    {
      "matchUpdateTypes": ["minor", "patch"],
      "automerge": true
    }
  ]
}

Pull requests are created successfully, and all minor and patch updates are marked to auto-complete.

I’ve written a script to merge all PRs created by Renovate if the Build for the particular PR succeded and bypasses all PR policies (we have a 2 approvals policy):

steps:
  -   bash: |
        pr_list=$(az repos pr list --query "[?autoCompleteSetBy!=null && starts_with(sourceRefName, 'refs/heads/renovate')].[pullRequestId]" --output tsv)

        while IFS=$'t' read -r pr_id; do
          echo "##[warning]Starting checks for PR $pr_id"
          build_status=$(az repos pr policy list --id $pr_id --query "[?configuration.type.displayName=='Build'].{Status:status}" --output tsv)
          echo "##[warning]Build status - $build_status"
          if [[ $build_status == "approved" ]]; then
              echo "##[warning]Build policy succeeded for PR $pr_id. Merging with bypassing other policies"
            az repos pr update --id $pr_id --status completed --bypass-policy true
          else
              echo "##[warning]Build policy not succeeded for PR $pr_id. Skipping merge."
          fi
        done <<< "$pr_list"

I planned to run Renovate Bot checks every Saturday to create PRs and then on Sunday run the script to merge them.

My solution works, but I hope there is a better way to achieve it.

One thing is required – the Build must succeed.