Approve PR Action
is a set of GitHub Actions to approve pull requests securely by the Client/Server Model.
Approve PR Action allows you to approve pull requests by Machine Users securely without sharing Machine Users' Personal Access Tokens (PAT) across GitHub Actions workflows. It elevates the security of your workflows to the next level.
- 💪 Approve pull requests to merge pull requests automatically
- 🛡 Secure
- You don't need to pass PAT of machine users to GitHub Actions workflows on the client side
- 😊 Easy to use
- You don't need to host a server application
- 😉 OSS (MIT License)
You want to merge some pull requests created by GitHub Apps like Renovate automatically.
But if approvals from codeowners are required by Branch Rulesets, you need to approve pull requests automatically. GitHub Apps can't be codeowners, so you need to approve pull requests using machine user's PAT. But if the PAT is abused, people can approve any pull requests using it and merge them without pull request reviews. It's so dangerous. So you must protect machine user's PAT securely. You shouldn't pass it to workflows widely.
This action allows you to protect PAT by the Client/Server Model.
Coming soon.
Coming soon.
Approve PR Action composes of following actions:
- securefix-action/approve-pr-action (action.yaml): Client action
- securefix-action/approve-pr-action/server (action.yaml): Server action