name: Dependabot post-update
on:
  pull_request_target:
    types: [opened, synchronize, reopened]
    branches:
      - main

env:
  HUSKY: "0"

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
  cancel-in-progress: true

jobs:
  post-update:
    if: ${{ github.actor == 'dependabot[bot]' }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [20]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Checkout out pull request
        env:
          GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
        run: |
          gh pr checkout ${{ github.event.pull_request.number }}

      - name: Install pnpm
        uses: pnpm/action-setup@v4

      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: "pnpm"

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Test and Build
        run: |
          pnpm run test
          pnpm run build