From ea6d0c69694f78b3e751de4570c59e4d2c2c5add Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 14:29:02 +0900 Subject: [PATCH 01/21] add: setting workflow --- .github/workflows/setting.yml | 59 +++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/setting.yml diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml new file mode 100644 index 0000000..3b26b1f --- /dev/null +++ b/.github/workflows/setting.yml @@ -0,0 +1,59 @@ +name: Configure Repo Settings + +on: + schedule: + - cron: "0 0 * * *" + workflow_dispatch: + +jobs: + configure: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Generate token + id: generate_token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_KEY }} + owner: ${{ github.repository_owner }} + repositories: ${{ github.repository }} + + - name: Enable auto-delete head branches + run: | + gh repo edit ${{ github.repository }} --delete-branch-on-merge + + - name: Apply Branch Protection Rules + run: | + cat < config.json + { + "required_status_checks": null, + "enforce_admins": false, + "required_pull_request_reviews": { + "dismiss_stale_reviews": false, + "require_code_owner_reviews": true, + "required_approving_review_count": 1 + }, + "restrictions": null, + "allow_force_pushes": false, + "allow_deletions": false + } + EOF + + gh api -X PUT "repos/${{ github.repository }}/branches/main/protection" \ + --input config.json + + - name: Set GitHub Pages Source + run: | + gh api -X PUT "repos/${{ github.repository }}/pages" \ + -f "source[branch]=${{ env.BRANCH }}" \ + -f "source[path]=${{ env.PATH }}" --silent \ + || \ + gh api -X POST "repos/${{ github.repository }}/pages" \ + -f "source[branch]=${{ env.BRANCH }}" \ + -f "source[path]=${{ env.PATH }}" + env: + BRANCH: gh-pages + PATH: / From 96d00d81c4cf4be74c98e7be17b86c7bfac51838 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 14:31:48 +0900 Subject: [PATCH 02/21] test --- .github/workflows/setting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 3b26b1f..8589936 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -1,6 +1,7 @@ name: Configure Repo Settings on: + pull_request: schedule: - cron: "0 0 * * *" workflow_dispatch: From 8cbc1f82590b65fdac2a46368e6d3539209a1547 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 14:37:45 +0900 Subject: [PATCH 03/21] test --- .github/workflows/setting.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 8589936..b5964fc 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -13,14 +13,12 @@ jobs: - name: Checkout uses: actions/checkout@v6 - - name: Generate token - id: generate_token + - name: Generate a token + id: generate-token uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_KEY }} - owner: ${{ github.repository_owner }} - repositories: ${{ github.repository }} - name: Enable auto-delete head branches run: | From 855c0b1860b2e906ebf6cae4fca83008a83c3f48 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 14:44:37 +0900 Subject: [PATCH 04/21] fix: GH_TOKEN --- .github/workflows/setting.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index b5964fc..91f63d2 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -23,6 +23,8 @@ jobs: - name: Enable auto-delete head branches run: | gh repo edit ${{ github.repository }} --delete-branch-on-merge + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} - name: Apply Branch Protection Rules run: | @@ -56,3 +58,4 @@ jobs: env: BRANCH: gh-pages PATH: / + GH_TOKEN: ${{ steps.generate-token.outputs.token }} From ab0f6165c9aa266ff779d3ddaf3cc39c54d14b96 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 15:43:50 +0900 Subject: [PATCH 05/21] fix: GH_TOKEN --- .github/workflows/setting.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 91f63d2..877cd06 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -45,6 +45,8 @@ jobs: gh api -X PUT "repos/${{ github.repository }}/branches/main/protection" \ --input config.json + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} - name: Set GitHub Pages Source run: | From 9b2ba47bfd756b4cd1f38d5e13a52d2e4fbba7d1 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 16:42:56 +0900 Subject: [PATCH 06/21] test --- .github/workflows/setting.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 877cd06..71a34b2 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -50,13 +50,17 @@ jobs: - name: Set GitHub Pages Source run: | - gh api -X PUT "repos/${{ github.repository }}/pages" \ - -f "source[branch]=${{ env.BRANCH }}" \ - -f "source[path]=${{ env.PATH }}" --silent \ - || \ - gh api -X POST "repos/${{ github.repository }}/pages" \ - -f "source[branch]=${{ env.BRANCH }}" \ - -f "source[path]=${{ env.PATH }}" + echo "Checking gh path..." + which gh + + echo "Configuring GitHub Pages..." + + if gh api -X POST "repos/${{ github.repository }}/pages" -f "source[branch]=${{ env.BRANCH }}" -f "source[path]=${{ env.PATH }}" --silent; then + true + else + echo "Update failed (likely not enabled). Creating new Pages settings..." + gh api -X PUT "repos/${{ github.repository }}/pages" -f "source[branch]=${{ env.BRANCH }}" -f "source[path]=${{ env.PATH }}" + fi env: BRANCH: gh-pages PATH: / From 99cb2987681f3ed4cfd98bfc2dfafc42329c45d6 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 16:49:17 +0900 Subject: [PATCH 07/21] test --- .github/workflows/setting.yml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 71a34b2..eb8e088 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -50,18 +50,14 @@ jobs: - name: Set GitHub Pages Source run: | - echo "Checking gh path..." - which gh - - echo "Configuring GitHub Pages..." - - if gh api -X POST "repos/${{ github.repository }}/pages" -f "source[branch]=${{ env.BRANCH }}" -f "source[path]=${{ env.PATH }}" --silent; then - true - else - echo "Update failed (likely not enabled). Creating new Pages settings..." - gh api -X PUT "repos/${{ github.repository }}/pages" -f "source[branch]=${{ env.BRANCH }}" -f "source[path]=${{ env.PATH }}" - fi + gh api -X POST "repos/${{ github.repository }}/pages" \ + -f "source[branch]=${{ env.BRANCH }}" \ + -f "source[path]=${{ env.TARGET_PATH }}" --silent \ + || \ + gh api -X PUT "repos/${{ github.repository }}/pages" \ + -f "source[branch]=${{ env.BRANCH }}" \ + -f "source[path]=${{ env.TARGET_PATH }}" env: BRANCH: gh-pages - PATH: / + TARGET_PATH: / GH_TOKEN: ${{ steps.generate-token.outputs.token }} From 8eaec351df7522a519df337ee54d24fa56b663ad Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 17:13:58 +0900 Subject: [PATCH 08/21] test --- .github/protection.json | 14 ++++++++ .github/workflows/setting.yml | 66 +++++++++++++++++++++-------------- 2 files changed, 53 insertions(+), 27 deletions(-) create mode 100644 .github/protection.json diff --git a/.github/protection.json b/.github/protection.json new file mode 100644 index 0000000..35f6c20 --- /dev/null +++ b/.github/protection.json @@ -0,0 +1,14 @@ +{ + "main": { + "allow_deletions": false, + "allow_force_pushes": false, + "enforce_admins": false, + "required_pull_request_reviews": { + "dismiss_stale_reviews": false, + "require_code_owner_reviews": true, + "required_approving_review_count": 1 + }, + "required_status_checks": null, + "restrictions": null + } +} diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index eb8e088..0a18ceb 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -7,12 +7,12 @@ on: workflow_dispatch: jobs: - configure: + generate: runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v6 + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: - name: Generate a token id: generate-token uses: actions/create-github-app-token@v2 @@ -20,34 +20,24 @@ jobs: app-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_KEY }} + delete-branch: + runs-on: ubuntu-latest + + needs: generate + + steps: - name: Enable auto-delete head branches run: | gh repo edit ${{ github.repository }} --delete-branch-on-merge env: - GH_TOKEN: ${{ steps.generate-token.outputs.token }} + GH_TOKEN: ${{ needs.generate.outputs.token }} - - name: Apply Branch Protection Rules - run: | - cat < config.json - { - "required_status_checks": null, - "enforce_admins": false, - "required_pull_request_reviews": { - "dismiss_stale_reviews": false, - "require_code_owner_reviews": true, - "required_approving_review_count": 1 - }, - "restrictions": null, - "allow_force_pushes": false, - "allow_deletions": false - } - EOF - - gh api -X PUT "repos/${{ github.repository }}/branches/main/protection" \ - --input config.json - env: - GH_TOKEN: ${{ steps.generate-token.outputs.token }} + pages: + runs-on: ubuntu-latest + + needs: generate + steps: - name: Set GitHub Pages Source run: | gh api -X POST "repos/${{ github.repository }}/pages" \ @@ -60,4 +50,26 @@ jobs: env: BRANCH: gh-pages TARGET_PATH: / - GH_TOKEN: ${{ steps.generate-token.outputs.token }} + GH_TOKEN: ${{ needs.generate.outputs.token }} + + protection: + runs-on: ubuntu-latest + + needs: generate + + steps: + - name: Apply Branch Protection Rules + run: | + for BRANCH in $BRANCHES; do + if ! gh api "repos/${{ github.repository }}/branches/$BRANCH" --silent >/dev/null 2>&1; then + echo "Warning: Branch '$BRANCH' does not exist in this repository. Skipping..." + continue + fi + + jq -c ".\"$BRANCH\"" "$CONFIG_FILE" > "$BRANCH_protection.json" + + gh api -X PUT "repos/${{ github.repository }}/branches/$BRANCH/protection" \ + --input "$BRANCH_protection.json" + done + env: + GH_TOKEN: ${{ needs.generate.outputs.token }} From a6502f14714efb40c7625cf9775030cafecdd79d Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 17:30:13 +0900 Subject: [PATCH 09/21] test --- .github/workflows/setting.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 0a18ceb..fe6515c 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -26,6 +26,9 @@ jobs: needs: generate steps: + - name: Checkout + uses: actions/checkout@v6 + - name: Enable auto-delete head branches run: | gh repo edit ${{ github.repository }} --delete-branch-on-merge @@ -38,6 +41,9 @@ jobs: needs: generate steps: + - name: Checkout + uses: actions/checkout@v6 + - name: Set GitHub Pages Source run: | gh api -X POST "repos/${{ github.repository }}/pages" \ @@ -58,8 +64,16 @@ jobs: needs: generate steps: + - name: Checkout + uses: actions/checkout@v6 + - name: Apply Branch Protection Rules run: | + if [ ! -f "$CONFIG_FILE" ]; then + echo "Error: $CONFIG_FILE not found!" + exit 1 + fi + for BRANCH in $BRANCHES; do if ! gh api "repos/${{ github.repository }}/branches/$BRANCH" --silent >/dev/null 2>&1; then echo "Warning: Branch '$BRANCH' does not exist in this repository. Skipping..." @@ -72,4 +86,5 @@ jobs: --input "$BRANCH_protection.json" done env: + CONFIG_FILE: .github/protection.json GH_TOKEN: ${{ needs.generate.outputs.token }} From 5be08584241e457bef3876480950d2aea820fb10 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 17:41:49 +0900 Subject: [PATCH 10/21] test --- .github/workflows/setting.yml | 40 +++++++++++++++++------------------ 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index fe6515c..fd93b06 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -7,11 +7,9 @@ on: workflow_dispatch: jobs: - generate: + delete-branch: runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} steps: - name: Generate a token id: generate-token @@ -20,29 +18,22 @@ jobs: app-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_KEY }} - delete-branch: - runs-on: ubuntu-latest - - needs: generate - - steps: - - name: Checkout - uses: actions/checkout@v6 - - name: Enable auto-delete head branches run: | gh repo edit ${{ github.repository }} --delete-branch-on-merge env: - GH_TOKEN: ${{ needs.generate.outputs.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} pages: runs-on: ubuntu-latest - needs: generate - steps: - - name: Checkout - uses: actions/checkout@v6 + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_KEY }} - name: Set GitHub Pages Source run: | @@ -56,17 +47,22 @@ jobs: env: BRANCH: gh-pages TARGET_PATH: / - GH_TOKEN: ${{ needs.generate.outputs.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} protection: runs-on: ubuntu-latest - needs: generate - steps: - name: Checkout uses: actions/checkout@v6 + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_KEY }} + - name: Apply Branch Protection Rules run: | if [ ! -f "$CONFIG_FILE" ]; then @@ -74,6 +70,8 @@ jobs: exit 1 fi + BRANCHES=$(jq -r 'keys[]' "$CONFIG_FILE") + for BRANCH in $BRANCHES; do if ! gh api "repos/${{ github.repository }}/branches/$BRANCH" --silent >/dev/null 2>&1; then echo "Warning: Branch '$BRANCH' does not exist in this repository. Skipping..." @@ -87,4 +85,4 @@ jobs: done env: CONFIG_FILE: .github/protection.json - GH_TOKEN: ${{ needs.generate.outputs.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} From 80139a991e22023e0fa291d98d89f99198b9d249 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 18:21:44 +0900 Subject: [PATCH 11/21] fix: path --- .github/workflows/setting.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index fd93b06..a63a80e 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -2,6 +2,9 @@ name: Configure Repo Settings on: pull_request: + paths: + - .github/workflows/setting.yml + - .github/protection.json schedule: - cron: "0 0 * * *" workflow_dispatch: From 3e24c56b310fbd276b6e67353b8b2398dadaeb4c Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 18:22:41 +0900 Subject: [PATCH 12/21] fix: name --- .github/workflows/setting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index a63a80e..4050285 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -1,4 +1,4 @@ -name: Configure Repo Settings +name: Repository Settings on: pull_request: From 85f7e0bb06e6eefa6832ac2d5df8eaf9e9411263 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Fri, 30 Jan 2026 18:31:20 +0900 Subject: [PATCH 13/21] fix: required_status_checks --- .github/protection.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/protection.json b/.github/protection.json index 35f6c20..7057356 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -8,7 +8,10 @@ "require_code_owner_reviews": true, "required_approving_review_count": 1 }, - "required_status_checks": null, + "required_status_checks": { + "contexts": [], + "strict": true + }, "restrictions": null } } From dd0a7182ac73bec732edc14a0bfd92695b8ac259 Mon Sep 17 00:00:00 2001 From: a5chin <81167661+a5chin@users.noreply.github.com> Date: Fri, 30 Jan 2026 18:32:03 +0900 Subject: [PATCH 14/21] Update .github/workflows/setting.yml Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .github/workflows/setting.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/setting.yml b/.github/workflows/setting.yml index 4050285..df488bb 100644 --- a/.github/workflows/setting.yml +++ b/.github/workflows/setting.yml @@ -81,10 +81,7 @@ jobs: continue fi - jq -c ".\"$BRANCH\"" "$CONFIG_FILE" > "$BRANCH_protection.json" - - gh api -X PUT "repos/${{ github.repository }}/branches/$BRANCH/protection" \ - --input "$BRANCH_protection.json" + jq -c ".\"$BRANCH\"" "$CONFIG_FILE" | gh api -X PUT "repos/${{ github.repository }}/branches/$BRANCH/protection" --input - done env: CONFIG_FILE: .github/protection.json From c668efa22ec6f511d13aa2cdb4720b1398d5eeb1 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Sun, 1 Feb 2026 11:56:12 +0900 Subject: [PATCH 15/21] fix: protection --- .github/CODEOWNERS | 1 - .github/protection.json | 8 ++++++++ .github/workflows/gh-deploy.yml | 1 + 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 3f0a0c9..7f95afc 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,5 +1,4 @@ * @a5chin -.github/ pyproject.toml uv.lock diff --git a/.github/protection.json b/.github/protection.json index 7057356..4ce4c3a 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -13,5 +13,13 @@ "strict": true }, "restrictions": null + }, + "gh-pages": { + "allow_deletions": false, + "allow_force_pushes": true, + "enforce_admins": false, + "required_pull_request_reviews": null, + "required_status_checks": null, + "restrictions": null } } diff --git a/.github/workflows/gh-deploy.yml b/.github/workflows/gh-deploy.yml index 93f5020..27cecc5 100644 --- a/.github/workflows/gh-deploy.yml +++ b/.github/workflows/gh-deploy.yml @@ -11,6 +11,7 @@ on: - "mkdocs.yml" - "pyproject.toml" - "uv.lock" + workflow_dispatch: permissions: contents: write From a509d44ea33722e9ef6ef8035b3540fffa6ce224 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Sun, 1 Feb 2026 12:26:48 +0900 Subject: [PATCH 16/21] fix: protection --- .github/protection.json | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/protection.json b/.github/protection.json index 4ce4c3a..e06875b 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -15,11 +15,6 @@ "restrictions": null }, "gh-pages": { - "allow_deletions": false, - "allow_force_pushes": true, - "enforce_admins": false, - "required_pull_request_reviews": null, - "required_status_checks": null, - "restrictions": null + "allow_force_pushes": true } } From 4522b625fb273a48f1d842ccc5fb46aceef51e3a Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Sun, 1 Feb 2026 12:32:05 +0900 Subject: [PATCH 17/21] fix: protection --- .github/protection.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/protection.json b/.github/protection.json index e06875b..4ce4c3a 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -15,6 +15,11 @@ "restrictions": null }, "gh-pages": { - "allow_force_pushes": true + "allow_deletions": false, + "allow_force_pushes": true, + "enforce_admins": false, + "required_pull_request_reviews": null, + "required_status_checks": null, + "restrictions": null } } From b72a8b5bceb4b0e786c7966cf1938272d719c21c Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Sun, 1 Feb 2026 12:37:05 +0900 Subject: [PATCH 18/21] fix: sqlfluffignore --- .sqlfluffignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.sqlfluffignore b/.sqlfluffignore index 4d6df9a..85d3f0c 100644 --- a/.sqlfluffignore +++ b/.sqlfluffignore @@ -194,3 +194,4 @@ cython_debug/ # dbt dbt_packages/ logs/ +target/ From 09e5f4a82da2671c420f29063dfeab725e829e2b Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Mon, 2 Feb 2026 10:52:17 +0900 Subject: [PATCH 19/21] fix: protection --- .github/protection.json | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/protection.json b/.github/protection.json index 4ce4c3a..914c383 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -9,7 +9,14 @@ "required_approving_review_count": 1 }, "required_status_checks": { - "contexts": [], + "contexts": [ + "coverage", + "deploy", + "lint", + "ruff", + "sqlfluff", + "ty" + ], "strict": true }, "restrictions": null From c2ea24eb6efbcdfd4c92b2d6bb5060621b02e813 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Mon, 2 Feb 2026 11:40:57 +0900 Subject: [PATCH 20/21] fix: coverage --- .github/workflows/test.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 94f5d09..7e7959a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -36,8 +36,17 @@ jobs: contents: read steps: + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_KEY }} + - name: Checkout uses: actions/checkout@v6 + with: + token: ${{ steps.generate-token.outputs.token }} - name: Setup Python with uv uses: ./.github/actions/setup-python-with-uv From f52ff963728244d7fa81a8de079cc645d7289969 Mon Sep 17 00:00:00 2001 From: d-eigo-hara Date: Mon, 2 Feb 2026 13:00:31 +0900 Subject: [PATCH 21/21] add: approver --- .github/protection.json | 11 ++--------- .github/workflows/approve.yml | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/approve.yml diff --git a/.github/protection.json b/.github/protection.json index 914c383..ba49d1c 100644 --- a/.github/protection.json +++ b/.github/protection.json @@ -5,18 +5,11 @@ "enforce_admins": false, "required_pull_request_reviews": { "dismiss_stale_reviews": false, - "require_code_owner_reviews": true, + "require_code_owner_reviews": false, "required_approving_review_count": 1 }, "required_status_checks": { - "contexts": [ - "coverage", - "deploy", - "lint", - "ruff", - "sqlfluff", - "ty" - ], + "contexts": [], "strict": true }, "restrictions": null diff --git a/.github/workflows/approve.yml b/.github/workflows/approve.yml new file mode 100644 index 0000000..610615a --- /dev/null +++ b/.github/workflows/approve.yml @@ -0,0 +1,18 @@ +name: Approver + +on: + pull_request: + types: + - opened + +jobs: + approve: + runs-on: ubuntu-latest + + if: endsWith(github.actor, '[bot]') + + steps: + - name: Approve + run: gh pr review ${{ github.event.number }} --approve + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}