Implementation of flake bump auto approve and merge#154
Open
pkr4711 wants to merge 1 commit into
Open
Conversation
amphi
reviewed
May 7, 2026
| --method PUT \ | ||
| -H "Accept: application/vnd.github+json" \ | ||
| -H "X-GitHub-Api-Version: 2026-03-10" \ | ||
| /repos/daedalus-ca/test-auto-approve/pulls/${{ github.event.number }}/merge \ |
There was a problem hiding this comment.
why is there a reference to daedalus-ca here?
Author
There was a problem hiding this comment.
It's good that you're doing a review. I'll fix it. I tested the workflow in this organization.
Comment on lines
+44
to
+57
| # - name: Get App User ID | ||
| # id: get_user_id | ||
| # uses: octokit/request-action@v2.x | ||
| # with: | ||
| # route: "/users/${{ steps.generate_token.outputs.app-slug }}[bot]" | ||
| # env: | ||
| # GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | ||
| # - name: Setup Git | ||
| # shell: bash | ||
| # run: | | ||
| # git config --global --add safe.directory $PWD | ||
| # git config --global user.name '${{ steps.generate_token.outputs.app-slug }}[bot]' | ||
| # git config --global user.email '${{ fromJson(steps.get_user_id.outputs.data).id }}+${{ steps.generate_token.outputs.app-slug }}[bot]@users.noreply.github.com' | ||
| # git config --global push.autoSetupRemote true |
phip1611
reviewed
May 7, 2026
Member
phip1611
left a comment
phip1611
left a comment
There was a problem hiding this comment.
I'd prefer if you elaborate on the git commit message a little. something like:
ci: implementation of flake bump auto approve and merge
Add a GitHub workflow to automatically validate and merge pull requests
that only bump flake.lock. This reduces manual review overhead for routine
dependency updates while keeping the merge path constrained and auditable.
The workflow uses a dedicated gitlint config and custom rule to ensure each
eligible commit changes exactly flake.lock. Documentation is added for the
required GitHub App, secrets, permissions, and branch-ruleset bypass setup.
Signed-off-by: Paul Kroeher <paul.kroeher@cyberus-technology.de>
On-behalf-of: SAP paul.kroeher@sap.com
| private-key: ${{ secrets.GH_AUTO_APPROVE_APP_PRIVATE_KEY }} | ||
| owner: daedalus-ca | ||
| repositories: test-auto-approve | ||
| # - name: Get App User ID |
Member
There was a problem hiding this comment.
why are so many comment lines here?
Add a GitHub workflow to automatically validate and merge pull requests that only bump flake.lock. This reduces manual review overhead for routine dependency updates while keeping the merge path constrained and auditable. The workflow uses a dedicated gitlint config and custom rule to ensure each eligible commit changes exactly flake.lock. Documentation is added for the required GitHub App, secrets, permissions, and branch-ruleset bypass setup. Signed-off-by: Paul Kroeher <paul.kroeher@cyberus-technology.de> On-behalf-of: SAP paul.kroeher@sap.com
amphi
approved these changes
May 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
for details please look into:
ci/README.auto.approve.mdPipeline tests are here