ci(schema): Deliver schema updates via PR instead of direct push to main

intent(schema-update): the Update Schema workflow's direct push to main fails at every version bump — the branch ruleset rejects it (GH013, pull_request required) because github-actions[bot] is not in the bypass list (only the admin role is)
decision(schema-update): on main (push / workflow_dispatch) open a PR via peter-evans/create-pull-request instead of pushing; keep the existing git-auto-commit-into-PR-branch behavior for pull_request events so schema changes still ride along with the PR that caused them
decision(schema-token): use the existing COMMITTER_TOKEN PAT so the generated PR triggers CI and is mergeable; the create-pull-request step is gated to non-pull_request events, so the PAT is never exposed to fork-triggered runs
constraint(branch-ruleset): main requires PR + 1 approving + code-owner review with no required status checks, so the schema PR is merged by the admin (bypass) — typically one click per release

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Kazuki Yamada
2026-05-30 22:35:00 +09:00
parent c4eac374c2
commit 77f72f6fc8
+25 -1
@@ -9,6 +9,7 @@ on:
permissions:
contents: write
pull-requests: write
jobs:
generate-schema:
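Review bot: `pull-requests: write` is added at the workflow level, but the only step that opens a PR (the create-pull-request step in the next hunk) authenticates with `token: ${{ secrets.COMMITTER_TOKEN }}`, not with `GITHUB_TOKEN`, so this new permission looks unused while still being granted to every job and event, including `pull_request` runs that only need `contents: write` for git-auto-commit-action. If nothing consumes it, drop it; if some step does rely on `GITHUB_TOKEN` having PR write access, move the grant to the job level and add a comment naming that step so the broader scope is deliberate rather than incidental.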
@@ -24,9 +25,32 @@ jobs:
cache: npm
- run: npm ci
- run: node --run website-generate-schema
- uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
# On pull requests, commit the regenerated schema back into the PR branch
# so the schema change rides along with the PR that caused it.
- if: github.event_name == 'pull_request'
uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
with:
commit_message: 'chore(schema): auto generate schema'
commit_user_name: "github-actions[bot]"
commit_user_email: "github-actions[bot]@users.noreply.github.com"
commit_author: "github-actions[bot] <github-actions[bot]@users.noreply.github.com>"
# On main (e.g. after a version bump), direct pushes are blocked by the
# branch ruleset (pull_request required), so deliver the regenerated
# schema as a PR instead. COMMITTER_TOKEN is used so the PR triggers CI
# and is mergeable.
- if: github.event_name != 'pull_request'
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
with:
token: ${{ secrets.COMMITTER_TOKEN }}
commit-message: 'chore(schema): auto generate schema'
branch: chore/schema-update
delete-branch: true
title: 'chore(schema): Update configuration JSON schema'
body: |
Automated schema update generated by the Update Schema workflow.
Direct pushes to `main` are blocked by the branch ruleset, so the
regenerated schema is delivered as this PR instead.
author: 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>'
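Review bot: the `if: github.event_name != 'pull_request'` gate selects the PAT path for every push and manual run, not only for main; unless the `push` trigger is already restricted to `main` with a `branches:` filter, consider tightening the condition to `if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'` so a push to another branch cannot open a `chore/schema-update` PR against `main` with the PAT. Two smaller points for the comments: the `pull_request` branch comment could say that fork PRs will not get the auto-commit (secrets are unavailable and the token is read-only there), and the create-pull-request comment could note that the generated PR re-triggers this workflow on `pull_request`, where git-auto-commit-action is expected to find no changes and do nothing, so there is no commit loop.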