A webhook to approve dependency PRs created by bots

The webhook can be configured on the repo or on the org level

• it needs to have the Payload URL set to the "web endpoint" of the val ( ... -> Endpoints -> Copy web endpoint)
• it needs to POST a json payload
• it needs to receive the workflow_runs events
• it needs to have the webhookSecret configured to the same value as in val town secrets (line 7)

(else response is 401: Not verified)

It will only approve if all of the following conditions are met:

• the event action is completed, the workflow_run.conclusion has to be success, and the event is related to exactly one pull request
  (else response is 202: Ignored (event))
• the PR is authored authored by one of the users listed in allowedAuthors (line 5)
  (else response is 202: Ignored (pr author))
• the githubApiToken configured in line 9 needs to have repo access to the related repository
  (else response is 50x: some error message)
• a branch protection has to be configured that requires at least one review approval and at least one status check
  (else response is 202: Ignored (branch protection))
• the PR has auto-merge enabled
  (else response is 202: Ignored (pr status))
• the PR has any failing status checks (even if not required)
  (else response is 202: Ignored (pr checks))
• the current value for dryRun is false (line 3)
  (else response is 200: Would have been approved (dryRun))

If it approves the PR, it leaves a comment pointing to the website of this val.

Migrated from folder: webhooks/githubWebhookApproveDependencyPRs