8000 GitHub - csm-actions/approve-pr-action at v0.1.0
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

csm-actions/approve-pr-action

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

116 Commits
.github
.github
 
 
aqua
aqua
 
 
server
server
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
_typos.toml
_typos.toml
 
 
action.yaml
action.yaml
 
 
renovate.json5
renovate.json5
 
 

Repository files navigation

Approve PR Action

License | Versioning Policy

Approve PR Action is a set of GitHub Actions to approve pull requests securely by the Client/Server Model.

Approve PR Action allows you to approve pull requests by Machine Users securely without sharing Machine Users' Personal Access Tokens (PAT) across GitHub Actions workflows. It elevates the security of your workflows to the next level.

Features

  • 💪 Approve pull requests to merge pull requests automatically
  • 🛡 Secure
    • You don't need to pass PAT of machine users to GitHub Actions workflows on the client side
  • 😊 Easy to use
    • You don't need to host a server application
  • 😉 OSS (MIT License)

Overview

You want to merge some pull requests created by GitHub Apps like Renovate automatically.

But if approvals from codeowners are required by Branch Rulesets, you need to approve pull requests automatically. GitHub Apps can't be codeowners, so you need to approve pull requests using machine user's PAT. But if the PAT is abused, people can approve any pull requests using it and merge them without pull request reviews. It's so dangerous. So you must protect machine user's PAT securely. You shouldn't pass it to workflows widely.

This action allows you to protect PAT by the Client/Server Model.

How To Set Up

  • Create a server repository
  • Create a server GitHub App:
    • Required Permissions: pull_requests:read and contents:read To validate pull requests
    • Installed Repositories: client and server repositories
  • Create a fine-grained PAT of a machine user
    • Required Permissions:
      • pull_requests:write: To approve pull requests
    • Repositories: client repositories
  • Allow the server workflow to access the PAT securely
  • Create the server workflow: Example
  • Create a client GitHub App:
    • Required Permissions: issues:write To create GitHub Issue labels
    • Installed Repositories: client and server repositories
  • Run the client action in client workflows: Example

Actions

Approve PR Action composes of following actions:

About

GitHub Action to approve pull requests securely

Topics

security oss github-actions

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

12 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 3

v0.1.1 Latest
May 5, 2025
+ 2 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 3

  •  
  •  
  •  
0