From 4697b96a0124944929ecefa09d488c7997419e43 Mon Sep 17 00:00:00 2001
From: Matt Sturgeon <matt@sturgeon.me.uk>
Date: Thu, 12 Sep 2024 09:21:28 +0100
Subject: [PATCH] mergify: fix "update PR" logic

We can no longer simply check the files list matches `[ flake.lock ]`,
since we now also touch `generated/` files.

Mergify conditions cannot be checked against "all" list items; checks
are always applied against "any" item. Therefore we need some
double-negatives to check that "any item does not match a regex that
does not match (flake.lock|generated/.*)".

Yes, this is horrible.
---
 .github/mergify.yml | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/.github/mergify.yml b/.github/mergify.yml
index b486e68c..e99cdfca 100644
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@@ -17,8 +17,15 @@ queue_rules:
           # Allow queuing PRs that have been approved
           - "#approved-reviews-by >= 1"
 
-          # Allow queuing flake.lock updates without approval
+          # Allow queuing update PRs without approval
           - and:
-              - "#files = 1"
-              - files = flake.lock
-              - author = GaetanLepage
+              # We need a double-negative, because mergify only has "any" conditions on list types...
+              #
+              # So we check if "any file does not match the regex", using the `-` prefix operator.
+              # The regex matches anything except `flake.lock` and `generated`, using a negative lookahead `(?!)`
+              #
+              # After canceling out the double-negative, the condition below is true when
+              # _all_ files match either `^flake\.lock$` or `^generated/`
+              - "-files ~= ^(?!flake[.]lock$|generated/)"
+              # Also check the PR was opened by the github-actions bot
+              - author = github-actions