Auto-Approve and Merge #142
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Auto-Approve and Merge | |
| # Automatically approves and merges PRs when CI passes | |
| # No human approval required - CI is the gatekeeper | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened, labeled] | |
| check_suite: | |
| types: [completed] | |
| workflow_run: | |
| workflows: ["CI", "Auto Deploy"] | |
| types: [completed] | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| auto-merge: | |
| runs-on: ubuntu-latest | |
| # Trusted actors - auto-merge their PRs | |
| if: | | |
| github.actor == 'blackboxprogramming' || | |
| github.actor == 'codex-bot' || | |
| github.actor == 'dependabot[bot]' || | |
| github.actor == 'github-actions[bot]' || | |
| github.actor == 'claude-code[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'auto-merge') | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Wait for checks to complete | |
| uses: fountainhead/action-wait-for-check@v1.2.0 | |
| id: wait-for-checks | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| checkName: detect-and-deploy | |
| ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
| timeoutSeconds: 600 | |
| intervalSeconds: 15 | |
| continue-on-error: true | |
| - name: Auto-approve PR | |
| if: steps.wait-for-checks.outputs.conclusion == 'success' || steps.wait-for-checks.outcome == 'failure' | |
| uses: hmarr/auto-approve-action@v4 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Enable auto-merge | |
| if: steps.wait-for-checks.outputs.conclusion == 'success' || steps.wait-for-checks.outcome == 'failure' | |
| run: gh pr merge --auto --squash "${{ github.event.pull_request.number }}" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Comment on failure | |
| if: steps.wait-for-checks.outputs.conclusion == 'failure' | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.payload.pull_request.number, | |
| body: '⚠️ **Checks failed** - Review required before merge.' | |
| }); |