Settings for Team Development
Repository Setting
- Allow auto-merge
Branch Protection Rules
- main
  - Require a pull request before merging
    - Require approvals (1 approval)
    - Dismiss stale pull request approvals when new commits are pushed
    - Require review from Code Owners
    - Require approval of the most recent reviewable push
  - Require status checks to pass before merging
    - Status checks that are required: status-check
  - Do not allow bypassing the above settings
- renovate/*
  - Do not allow bypassing the above settings
  - Restrict who can push to matching branches
    - Restrict pushes that create matching branches
    - renovate - Dedicated GitHub App
  - Allow deletions: Allow to delete pull request branches
  - Allow force pushes: Allow Renovate to rebase branches
    - Specify who can force push
      - renovate
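
One way to check that the main rule really matches the list above. This is an added example, not part of the original page or of any project it describes. It assumes the JSON comes from the GitHub REST endpoint GET /repos/{owner}/{repo}/branches/main/protection; the sample document is constructed and the function name audit_main_protection is hypothetical.

```python
import json

# Constructed sample shaped like the response of
# GET /repos/{owner}/{repo}/branches/main/protection (not real data).
SAMPLE_MAIN = json.loads("""
{
  "required_pull_request_reviews": {
    "required_approving_review_count": 1,
    "dismiss_stale_reviews": true,
    "require_code_owner_reviews": true,
    "require_last_push_approval": false
  },
  "required_status_checks": {"strict": false, "contexts": ["status-check"]},
  "enforce_admins": {"enabled": true}
}
""")


def audit_main_protection(p, required_check="status-check"):
    """Return the settings from the list above that are missing or weaker."""
    reviews = p.get("required_pull_request_reviews") or {}
    checks = p.get("required_status_checks") or {}
    # Required checks can appear as plain names or as check objects.
    contexts = set(checks.get("contexts") or [])
    contexts |= {c.get("context") for c in checks.get("checks") or []}
    expected = [
        ("Require a pull request before merging", bool(reviews)),
        ("Require approvals (1 approval)",
         reviews.get("required_approving_review_count", 0) >= 1),
        ("Dismiss stale pull request approvals when new commits are pushed",
         reviews.get("dismiss_stale_reviews") is True),
        ("Require review from Code Owners",
         reviews.get("require_code_owner_reviews") is True),
        ("Require approval of the most recent reviewable push",
         reviews.get("require_last_push_approval") is True),
        ("Required status check: " + required_check, required_check in contexts),
        # "Do not allow bypassing" is reported by the API as enforce_admins.
        ("Do not allow bypassing the above settings",
         (p.get("enforce_admins") or {}).get("enabled") is True),
    ]
    return [name for name, ok in expected if not ok]


if __name__ == "__main__":
    for finding in audit_main_protection(SAMPLE_MAIN):
        print("MISSING:", finding)
```

An empty result means every setting in the main list is in place; an unprotected branch reports all seven.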
Personal Access Token
Use a fine-grained personal access token rather than a legacy access token.
- Permissions:
  - pull-requests: write: To approve a pull request
GitHub App
Create a GitHub App to push commits to Renovate branches and enable auto-merge.
- Permissions
  - contents: write
    - Push a commit to a pull request
    - Enable auto-merge
  - pull-requests: write
    - Enable auto-merge
  - workflows: write
    - Enable auto-merge of pull requests updating GitHub Actions Workflows
If workflows: write is missing, auto-merge is disabled.
auto-merge was automatically disabled 8 minutes ago
Tried to create or update workflow without workflows permission
GitHub Environment
- renovate
  - deployment branch rule: renovate/*, main (main is optional)
  - Secrets
    - APP_ID: GitHub App ID
    - APP_PRIVATE_KEY: GitHub App Private Key
    - GH_TOKEN_APPROVE_RENOVATE_PR: personal access token to approve pull requests
tip
main is optional but required to support updating Renovate branches by pull request comment.
GitHub Actions Workflows
Create three workflows.
tip
update-branch is optional but required to support updating Renovate branches by pull request comment.