feat(ci): reusable auto-merge-on-green workflow#16
Open
noahgift wants to merge 2 commits into
Open
Conversation
New workflow `auto-merge.yml` enables GitHub's built-in auto-merge (squash) on authorized PRs. Once all required status checks (org ruleset `gate`) pass, GitHub merges automatically — no manual click required. Escape hatches: draft PRs, `hold` label, `do-not-merge` label. Intended rollout: add `auto-merge` job to each repo's ci.yml (after `authorize`). Prerequisite per repo: `allow_auto_merge: true` in settings. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Bundles three bootstrap changes so this PR can flow through its own new
gate (no admin bypass needed):
1. New .github/workflows/ci.yml — runs actionlint + yamllint on every PR,
produces the 'gate' status check required by org ruleset 13878864
('Green Main'). Previously PRs to this repo had no checks and got
mergeStateStatus=BLOCKED by default.
2. Rolls sovereign-ci.yml container digest from
sha256:c23c4533… -> sha256:dd219db7…
corresponding to the sovereign-ci:stable image rebuilt on mac-server
after bumping the base to rust:1.95-slim-bookworm.
3. Together with the already-proposed auto-merge.yml (previous commit),
this establishes the pattern: CI green -> ruleset satisfied ->
auto-merge fires.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
.github/workflows/auto-merge.ymlthat enables GitHub's built-in squash auto-merge on authorized PRs.Green Mainrequires contextgate), GitHub merges automatically — no manual click.holdanddo-not-mergelabels skip the job.Why
Every PR today requires a manual merge click even when CI is green, pr-gate authorized the author, and the ruleset is satisfied. This workflow makes "CI green → merge" the fleet default, with explicit opt-outs when a human wants to hold the PR.
Rollout plan (not in this PR — will be proposed per-repo afterwards)
Each repo's
ci.ymlgains anauto-mergejob afterauthorize:```yaml
jobs:
authorize:
uses: paiml/.github/.github/workflows/pr-gate.yml@main
auto-merge:
needs: authorize
uses: paiml/.github/.github/workflows/auto-merge.yml@main
```
Prerequisite per repo: `allow_auto_merge: true` in repo settings (infra already has this; fleet sweep needed).
Test plan
auto-merge.ymlinto one pilot repo'sci.yml(suggest:copiaorbashrs)holdlabel,do-not-mergelabel all suppress🤖 Generated with Claude Code