Streamlining PR Workflows with GitHub Actions Auto-Approval and Merge
Project Context
In the Breniapp/brenia project, we continuously look for ways to optimize our development workflows. One common challenge in many projects is the manual overhead associated with reviewing and merging pull requests, even those from trusted or automated sources. To address this for specific use cases, we implemented an automated CI/CD solution.
The Challenge: Manual PR Management
For contributions originating from specific internal tools or highly trusted automated processes, the traditional manual review and merge process can introduce unnecessary delays. While human review is crucial for general contributions, certain PRs—like those generated by a bot for dependency updates or routine maintenance tasks—can benefit from automation. Our goal was to reduce this manual friction for designated automated contributors without compromising code quality for general PRs.
Our Solution: GitHub Actions Automation
We deployed a GitHub Actions workflow designed to automatically approve and merge pull requests initiated by a specified user. This streamlines the integration of changes from trusted automated sources, ensuring they are incorporated swiftly and efficiently.
How the Workflow Operates
- Trigger Events: The workflow activates on
opened,synchronize, andreopenedevents for any pull request. - Author Check: It first verifies if the pull request's author matches our designated automated user (e.g.,
domingateixido2). This ensures the automation only applies to intended contributions. - Automatic Approval: If the author matches, the
hmarr/auto-approve-actionis used to automatically approve the PR. This action utilizes aPAT(Personal Access Token) secret configured for repository owner's account for approval. - Automatic Merge: Following approval, the workflow proceeds to enable auto-merge using the
gh pr merge --auto --mergecommand. This sets the PR to merge automatically once all other checks (like CI tests) pass.
Implementation Details
Here’s a simplified example of the GitHub Actions YAML configuration:
name: Auto Approve and Merge
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
auto-approve-merge:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
if: github.actor == 'domingateixido2' # Replace with your designated bot user
steps:
- name: Auto Approve Pull Request
uses: hmarr/auto-approve-action@v4
with:
github-token: ${{ secrets.AUTO_APPROVE_PAT }}
- name: Enable Auto-Merge
run: gh pr merge --auto --merge "${{ github.event.pull_request.html_url }}"
env:
GITHUB_TOKEN: ${{ secrets.AUTO_APPROVE_PAT }}
This setup allows us to leverage GitHub's native functionalities and a well-maintained third-party action to create a robust and secure automation loop.
Benefits and Key Takeaway
By implementing this workflow, we significantly reduced the manual effort required for routine updates and automated contributions. This translates to faster integration cycles, less human intervention for predictable tasks, and allows our development team to focus on more complex, high-value work. The key takeaway is that strategic automation of CI/CD steps, especially for trusted sources, can dramatically streamline your development pipeline and boost overall team productivity.
Consider identifying repetitive, low-risk PR workflows in your own projects and exploring how GitHub Actions can automate them.
