feat(workflow): auto-approve and merge github-versions PR

2026-02-03 20:03:25 +01:00 · 2026-01-28 13:59:01 +01:00
parent f76080e9db
commit 2434e0ab3b
1 changed files with 57 additions and 45 deletions
--- a/.github/workflows/update-versions-github.yml
+++ b/.github/workflows/update-versions-github.yml
@@ -12,6 +12,8 @@ permissions:

 env:
  VERSIONS_FILE: frontend/public/json/github-versions.json
+  BRANCH_NAME: automated/update-github-versions
+  AUTOMATED_PR_LABEL: "automated pr"

 jobs:
  update-github-versions:
@@ -19,6 +21,20 @@ jobs:
    runs-on: ubuntu-latest

    steps:
+      - name: Generate a token
+        id: generate-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
+      - name: Generate a token for PR approval and merge
+        id: generate-token-merge
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ secrets.APP_ID_APPROVE_AND_MERGE }}
+          private-key: ${{ secrets.APP_KEY_APPROVE_AND_MERGE }}
+
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
@@ -166,53 +182,49 @@ jobs:
            git diff --stat "$VERSIONS_FILE" 2>/dev/null || true
          fi

-      - name: Create Pull Request
+      - name: Commit and push changes
+        if: steps.check-changes.outputs.changed == 'true'
+        run: |
+          git config --global user.name "github-actions[bot]"
+          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          git add "$VERSIONS_FILE"
+          git commit -m "chore: update github-versions.json"
+          git checkout -b $BRANCH_NAME || git checkout $BRANCH_NAME
+          git push origin $BRANCH_NAME --force
+
+      - name: Create pull request if not exists
+        if: steps.check-changes.outputs.changed == 'true'
+        env:
+          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
+        run: |
+          PR_EXISTS=$(gh pr list --head "${BRANCH_NAME}" --json number --jq '.[].number')
+          if [ -z "$PR_EXISTS" ]; then
+            gh pr create --title "[Github Action] Update github-versions.json" \
+                         --body "This PR is auto-generated by a Github Action to update the github-versions.json file." \
+                         --head $BRANCH_NAME \
+                         --base main \
+                         --label "$AUTOMATED_PR_LABEL"
+          fi
+
+      - name: Approve pull request
        if: steps.check-changes.outputs.changed == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
-          BRANCH_NAME="automated/update-github-versions-$(date +%Y%m%d)"
-
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
-          git config --global user.name "GitHub Actions[bot]"
-
-          # Check if branch exists and delete it
-          git push origin --delete "$BRANCH_NAME" 2>/dev/null || true
-
-          git checkout -b "$BRANCH_NAME"
-          git add "$VERSIONS_FILE"
-          git commit -m "chore: update github-versions.json
-
-          Total versions: $(jq '.versions | length' "$VERSIONS_FILE")
-          Pinned versions: $(jq '[.versions[] | select(.pinned == true)] | length' "$VERSIONS_FILE")
-          Generated: $(jq -r '.generated' "$VERSIONS_FILE")"
-
-          git push origin "$BRANCH_NAME" --force
-
-          # Check if PR already exists
-          existing_pr=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[0].number // empty')
-
-          if [[ -n "$existing_pr" ]]; then
-            echo "PR #$existing_pr already exists, updating..."
-          else
-            gh pr create \
-              --title "[Automated] Update GitHub versions" \
-              --body "This PR updates version information from GitHub releases.
-
-          ## How it works
-          1. Scans all JSON files in \`frontend/public/json/\` for slugs
-          2. Finds corresponding \`install/{slug}-install.sh\` scripts
-          3. Extracts \`fetch_and_deploy_gh_release\` calls
-          4. Fetches latest (or pinned) version from GitHub
-
-          ## Stats
-          - Total versions: $(jq '.versions | length' "$VERSIONS_FILE")
-          - Pinned versions: $(jq '[.versions[] | select(.pinned == true)] | length' "$VERSIONS_FILE")
-          - Latest versions: $(jq '[.versions[] | select(.pinned == false)] | length' "$VERSIONS_FILE")
-
-          ---
-          *Automatically generated from install scripts*" \
-              --base main \
-              --head "$BRANCH_NAME" \
-              --label "automated pr"
+          PR_NUMBER=$(gh pr list --head "${BRANCH_NAME}" --json number --jq '.[].number')
+          if [ -n "$PR_NUMBER" ]; then
+            gh pr review $PR_NUMBER --approve
+          fi
+
+      - name: Approve pull request and merge
+        if: steps.check-changes.outputs.changed == 'true'
+        env:
+          GH_TOKEN: ${{ steps.generate-token-merge.outputs.token }}
+        run: |
+          git config --global user.name "github-actions-automege[bot]"
+          git config --global user.email "github-actions-automege[bot]@users.noreply.github.com"
+          PR_NUMBER=$(gh pr list --head "${BRANCH_NAME}" --json number --jq '.[].number')
+          if [ -n "$PR_NUMBER" ]; then
+            gh pr review $PR_NUMBER --approve
+            gh pr merge $PR_NUMBER --squash --admin
          fi