search

1Password / shell-plugins

Seamless authentication for every tool in your terminal.
https://developer.1password.com/docs/cli/shell-plugins/
MIT License
506 stars 163 forks source link

chore(ci): Auto-add one approval to automated flake.lock PRs #456

Closed mrjones2014 closed 2 months ago

mrjones2014 commented 2 months ago

Overview

Makes the github-actions[bot] automatically approve its own automated flake.lock update PRs. The PRs will still require 1 manual human approval, but only requiring 1 human approval helps us keep up with it, and there is reduced risk with these PRs vs. dependabot PRs for example, since we're only pulling in flake-utils and nixpkgs which are already screened by their respective maintainers.

Type of change

- [ ] Created a new plugin - [ ] Improved an existing plugin - [ ] Fixed a bug in an existing plugin - [x] Improved contributor utilities or experience ## Related Issue(s) * Resolves: #452 ## How To Test

TODO I'm not sure how exactly to test this other than merging it to main and running a new flake.lock automation job to see if this applies correctly to it. @AndyTitu any ideas?

Changelog

Update flake.lock automation to reduce maintenance burden.
mrjones2014 commented 2 months ago

For reference, I based the new job on this: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#approve-a-pull-request

mrjones2014 commented 2 months ago

A little bit more explanation: I also scoped this down to help further ensure that these auto-approvals only apply to the flake.lock automated PRs by updating the original job to add a label flake.lock automation to the flake.lock update PRs, and then this new PR approval job only runs if: