Closed mrjones2014 closed 2 months ago
For reference, I based the new job on this: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#approve-a-pull-request
A little bit more explanation: I also scoped this down to help further ensure that these auto-approvals only apply to the flake.lock
automated PRs by updating the original job to add a label flake.lock automation
to the flake.lock
update PRs, and then this new PR approval job only runs if:
github-actions[bot]
flake.lock automation
label
Overview
Makes the
github-actions[bot]
automatically approve its own automatedflake.lock
update PRs. The PRs will still require 1 manual human approval, but only requiring 1 human approval helps us keep up with it, and there is reduced risk with these PRs vs. dependabot PRs for example, since we're only pulling inflake-utils
andnixpkgs
which are already screened by their respective maintainers.Type of change
- [ ] Created a new plugin - [ ] Improved an existing plugin - [ ] Fixed a bug in an existing plugin - [x] Improved contributor utilities or experience ## Related Issue(s) * Resolves: #452 ## How To TestTODO I'm not sure how exactly to test this other than merging it to main and running a new flake.lock automation job to see if this applies correctly to it. @AndyTitu any ideas?
Changelog
Update flake.lock automation to reduce maintenance burden.