ci: merge-back pushes directly to beta via GitHub App #489

Merged
steilerDev merged 5 commits into beta from ci/smarter-change-detection on Mar 6, 2026

@steilerDev
Owner

Summary

  • Replace the merge-back PR (main → beta after stable release) with a direct merge+push using the cornerstone-bot app token
  • Eliminates the manual step of merging the sync PR after every stable release

Test plan

  • Verify next stable release automatically merges main back into beta without creating a PR

🤖 Generated with Claude Code

claude added 5 commits March 6, 2026 10:40
…t hook

- Remove `ci` output from detect-changes and all downstream conditions.
  Workflow-only PRs no longer trigger the full pipeline (~20+ runner-minutes
  saved). Dockerfile/.nvmrc are covered by `app`, e2e/ by `e2e`.
- Change DOCKERHUB_USERNAME from secrets to vars in ci.yml and release.yml
  (usernames are not sensitive and belong in repository variables).
- Remove pre-commit hook (typecheck runs in CI quality gates).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

- Auto-fix workflow now commits and pushes directly to beta instead of
  creating a PR. The github.actor guard prevents infinite loops.
- Remove husky and lint-staged dependencies — no longer needed since
  pre-commit hook was removed and validation runs in CI.
- Drop pull-requests write permission (no longer creating PRs).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Use a dedicated GitHub App (cornerstone-bot) instead of github-actions[bot]
to push auto-fix commits to beta. This allows scoping the branch protection
bypass to only this app, rather than giving blanket bypass to all Actions.

Setup required:
- Create GitHub App with Contents: Read & Write permission
- Store App ID as vars.BOT_APP_ID, private key as secrets.BOT_PRIVATE_KEY
- Add only this app to beta's ruleset bypass list

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Quality Gates now depends on all jobs (static-analysis, test, docker,
e2e-warmup, e2e-smoke, e2e, e2e-merge-reports) and always runs. It
accepts skipped results but fails on any failure/cancellation.

Docker PR Release now only runs after Quality Gates passes.

This ensures the Quality Gates required check always reports a status,
making PRs mergeable even when upstream jobs are skipped.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Replace the merge-back PR with a direct merge+push using the
cornerstone-bot app token. This eliminates the manual step of
merging the sync PR after every stable release.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

@steilerDev steilerDev merged commit a07c87b into beta Mar 6, 2026
11 checks passed
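
The Quality Gates rule from the fourth commit message above (accept skipped results, fail on any failure or cancellation), as an added example that is not part of this PR or the repository's workflow. `evaluateGate`, `REQUIRED_JOBS` and the sample input are hypothetical names, and treating a job that is absent from `needs` as blocking is an assumption added here.

```javascript
// Added example: job names are taken from the commit message above; the
// input mirrors the shape of `toJSON(needs)` in a GitHub Actions job.
const REQUIRED_JOBS = [
  'static-analysis', 'test', 'docker',
  'e2e-warmup', 'e2e-smoke', 'e2e', 'e2e-merge-reports',
];

// 'skipped' is accepted so the required check still reports a status when
// change detection skips a job; everything else blocks the merge.
const ACCEPTED = new Set(['success', 'skipped']);

function evaluateGate(needs, required = REQUIRED_JOBS) {
  const blocking = [];
  const skipped = [];
  for (const job of required) {
    const entry = Object.prototype.hasOwnProperty.call(needs, job) ? needs[job] : null;
    // Assumption: a job absent from `needs` or with no result string is
    // treated as 'missing' and blocks, so dropping a dependency fails closed.
    const result = entry && typeof entry.result === 'string' ? entry.result : 'missing';
    if (!ACCEPTED.has(result)) {
      blocking.push(`${job}: ${result}`); // failure, cancelled, missing, unknown
    } else if (result === 'skipped') {
      skipped.push(job);
    }
  }
  return { ok: blocking.length === 0, blocking, skipped };
}

// Constructed sample: a workflow-only PR where the e2e chain was skipped.
const sampleNeeds = {
  'static-analysis': { result: 'success' },
  'test': { result: 'success' },
  'docker': { result: 'skipped' },
  'e2e-warmup': { result: 'skipped' },
  'e2e-smoke': { result: 'skipped' },
  'e2e': { result: 'skipped' },
  'e2e-merge-reports': { result: 'skipped' },
};

const verdict = evaluateGate(sampleNeeds);
console.log(verdict.ok ? 'Quality Gates: pass' : 'Quality Gates: fail', verdict);
```

Because a skipped job counts as passing, the function also returns the `skipped` list so a run in which most or all jobs were skipped can be surfaced for review.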
@github-actions
Contributor

github-actions bot commented Mar 6, 2026

🎉 This PR is included in version 1.12.0-beta.49 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
