Last active
January 21, 2022 20:27
-
-
Save jgleonard/41aa53bb2de71102216f926282927eca to your computer and use it in GitHub Desktop.
Actions workflow that bypasses Actions Checks and approves itself in PRs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| # This workflow will purposely fail a check, then change that status to success. | |
| # It will then approve and merge itself when a PR has been created. | |
| # This is certainly not something you should usually do and I take no responsibility for how it's used. | |
| # This is for informational purposes only. | |
| on: | |
| # Triggers the workflow on pull request events but only for the main branch | |
| pull_request: | |
| branches: [ main ] | |
| # Set permissions for the GITHUB_TOKEN | |
| permissions: | |
| pull-requests: write # needed for approval | |
| checks: write # needed for check bypass, but if no permissions set, is set by default | |
| contents: write # needed for merge | |
| jobs: | |
| # This creates a single job called "fail" that always fails | |
| fail: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Fails the job | |
| - name: Fail a status check | |
| run: exit 1 | |
| # This job passes all status checks | |
| pass: | |
| runs-on: ubuntu-latest | |
| needs: fail | |
| if: ${{ always() }} | |
| steps: | |
| - name: Iterate over all the checks and mark them as "success" | |
| run: | | |
| for URL in $(curl \ | |
| -H 'Accept: application/vnd.github.v3+json' \ | |
| -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ | |
| https://api.github.com/repos/${{ github.repository }}/commits/${{ github.head_ref }}/check-runs | jq -r '.check_runs[].url'); do | |
| curl \ | |
| -X PATCH \ | |
| -H 'Accept: application/vnd.github.v3+json' \ | |
| --url $URL \ | |
| --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ | |
| --header 'content-type: application/json' \ | |
| -d '{"conclusion":"success"}'; | |
| done | |
| # This job approves and merges a PR automatically | |
| approve-and-merge: | |
| runs-on: ubuntu-latest | |
| needs: pass | |
| if: ${{ always() }} | |
| steps: | |
| - run: | # approve and merge the pull request | |
| curl --request POST \ | |
| --url https://api.github.com/repos/${{github.repository}}/pulls/${{github.event.number}}/reviews \ | |
| -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ | |
| -H 'content-type: application/json' \ | |
| -d '{"event":"APPROVE"}' | |
| curl \ | |
| -X PUT \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ | |
| --url https://api.github.com/repos/${{github.repository}}/pulls/${{github.event.number}}/merge \ | |
| -d '{"commit_title":"Merge PR ${{github.event.number}}"}' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment