Comments (1)
The way we usually solve this problem (automatically merging PRs from bots or scripts) is a bit different:
- Policy Bot is always a required status check in GitHub
- PRs from bots that modify the right files are automatically approved
- PRs from humans require review (you could also auto-approve these if you wanted)
- Bulldozer will always wait for required status checks (as configured in GitHub) to pass
- When bots open PRs, they add the
merge when ready
label to the PR. This label is the trigger that enables Bulldozer to merge the PR when all the checks are passing. You could also have another app or a GitHub Action add labels like this.
In other words, while Policy Bot is a precondition to merge, it is not the trigger that activates Bulldozer. This has worked pretty well for us and I think it's useful to be able to say that a check is always required and should always be present on a PR.
That said, you are not the first person to ask for Policy Bot to skip PRs where the policy does not match any rules. We added the explicit failure as a safety measure to help prevent policies that accidentally approved or ignore changes that they shouldn't have. We developed Policy Bot primarily as a compliance tool, so these safety measures are important.
I think we could add a server-level flag to control this behavior so people who are using Policy Bot for convenience rather than compliance could disable this and skip posting a status when no rules match. Unlike the initial implementation in #711, I think we want to only skip posting a status when there are no matching rules. The pending status is useful to indicate that you probably have a condition wrong in the policy (something should have been approved, but it was not) and the failure/error status is useful if something goes wrong during evaluation.
Making this a server-level flag is important to us because for our workflows, we don't want individual projects to be able to opt-in to this feature. We'd leave it disabled (which should also be the default), but you and other users could enable it when you deploy Policy Bot.
from policy-bot.
Related Issues (20)
- Request for Advice on Using Policy Bot in Open Source Projects for Testing, Approving, Merging of PRs HOT 3
- Unable to run policy-bot behind a reverse-prxoy HOT 3
- `common.IsActor()` does not actually use `ctx` and can be simplified.
- Condition for not having specific label(s) HOT 6
- has_successful_status causes review requests while PR has draft status HOT 5
- Status check clarification HOT 2
- Feature Request: Predicate to skip rule if a file was changed HOT 6
- Feature Request: Option to count skipped jobs in has_successful_status HOT 5
- Clarify why users are "disqualified" when approval is ignored
- Create new production Release 🚀 HOT 1
- Connecting lines broken when hiding skipped rules with errors
- requires.conditions not working correctly in rule HOT 2
- behavior when using `invalidate_on_push` and `ignore_commits_by`? HOT 2
- Rebase invalidates approval HOT 1
- Concurrent deployments can overwrite statuses unintentionally HOT 1
- Status checks not re-run when used with merge queue HOT 2
- Paths in public_url are removed from OAuth routes
- Re-evaluate policy when PR base branch changes
- has_successful_status may use incorrect check-run HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from policy-bot.