Skip to content

ambilykk/deployment-auto-approve

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Deployment Auto Approve

Automatic approval of pending deployments that are waiting on approval by a required reviewer.

Note: Required reviewers with read access to the repository contents and deployments can use this action to bypass the approval

User Scenario - There is no out of the box control to pre-approve workflows. The jobs that are protected by environment must be approved only once all previous jobs are completed. As a result, we had to come back to workflow at the right time to approve steps for the changes we are confident.

How to Use the Action

PAT Token

Create a PAT token to get access to the Deployment and Environment details. Pass this token as an input to the action - GITHUB_TOKEN

action in workflow

Include the deployment-auto-approve action in your workflow.

Following is the sample code for integrating this action with your workflow. Sample workflow defines three jobs - First, Second and Third. Third job runs on environment 'demo', configured with Environment Protection Rule (Required reviewers).

env protection rule

Auto Approval is controlled using the workflow input - approve_deploy [custom input variable]

jobs:
  First:
    name: First
    runs-on: ubuntu-latest      
    steps:
     - name: Hello World
       run: | 
          echo "Hello from first job"
  Second:
    name: Second
    runs-on: ubuntu-latest  
    steps:
     - name: Second job       
       run: | 
          echo "Hello from first job"
     - name: checkout
       uses: actions/checkout@v3
        
     - name: Auto approve
       if: ${{ inputs.approve_deploy == 'approve' }}
       uses: ambilykk/deployment-auto-approve@main
       with:
         GITHUB_TOKEN: ${{secrets.GH_TOKEN}}   
         environment: ${{ inputs.environment }}
          
  Third:
    runs-on: ubuntu-latest  
    environment: demo
    steps:             
      - name: Final job   
        run: |
         echo "Third job"        

Responses

  1. Notification - when the deployment-auto-approve action executed by a user who is not added as a reviewer Screenshot 2022-10-20 at 12 08 25 PM

  2. The environment passed was not found in the list of environment to pre-approve

    Screenshot 2022-10-20 at 2 11 04 PM

  3. Deployment Review & Summary - when executed by a reviewer

    Screenshot 2022-10-20 at 12 13 17 PM

Parameters

Name Required Description
GITHUB_TOKEN Yes PAT Token for access
environment Yes Environment to pre-approve deployment

Limitations

  • If the workflow jobs defined as dependent workflows (using - needs), then this action will not work
  • If the workflow triggered by a non-reviewer, auto approval will not work

License

The scripts and documentation in this project are released under the MIT License