From eb364bf72aa4bd45dc44ecccf54f5fefbeaaaba6 Mon Sep 17 00:00:00 2001 From: Glavatskikh Denis Date: Tue, 2 Jun 2026 12:28:35 +0200 Subject: [PATCH] fix: open and self-merge a PR instead of pushing to protected master Direct push from the workflow is rejected by branch protection (GH006: changes must be made through a pull request). The job now pushes a branch, opens a PR, and squash-merges it automatically. Co-Authored-By: Claude Opus 4.8 --- .github/workflows/update-readme-deps.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-readme-deps.yml b/.github/workflows/update-readme-deps.yml index 8d82f4c..b9f7264 100644 --- a/.github/workflows/update-readme-deps.yml +++ b/.github/workflows/update-readme-deps.yml @@ -18,6 +18,7 @@ on: permissions: contents: write + pull-requests: write concurrency: group: update-readme-deps @@ -41,14 +42,24 @@ jobs: APPODEAL_API_URL: ${{ vars.APPODEAL_API_URL }} run: node scripts/update-readme-deps.mjs - - name: Commit changes if any + - name: Open and merge PR if README changed + # master is protected (changes must go through a PR), so the bot cannot push + # directly. It pushes a branch, opens a PR, and merges it — no manual step. + env: + GH_TOKEN: ${{ github.token }} run: | if git diff --quiet -- README.md; then echo "README dependencies already up to date." exit 0 fi + BRANCH="chore/update-readme-deps-${{ github.run_id }}" git config user.name "github-actions[bot]" git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + git switch -c "$BRANCH" git add README.md git commit -m "chore: sync README dependency lists from Wizard API" - git push + git push origin "$BRANCH" + gh pr create --base master --head "$BRANCH" \ + --title "chore: sync README dependency lists from Wizard API" \ + --body "Automated update from the Appodeal Dependencies Wizard API." + gh pr merge "$BRANCH" --squash --delete-branch