Merge pull request #14 from fullsizemalt/claude/auto-approval-workflow-2025-11-18

ci: add OpenSpec auto-approval workflow

Automatically approves and labels OpenSpec proposal/spec PRs from Claude agents.

Features:
- Auto-approves PRs that only modify openspec/ directory
- Adds 'openspec' and 'auto-approved' labels
- Posts confirmation comment
- Only applies to claude/ branches and fullsizemalt user

This removes the approval bottleneck for infrastructure proposals and allows faster iteration on specs.

.github/workflows/openspec-auto-approve.yml

@@ -0,0 +1,67 @@
+name: OpenSpec Auto-Approval
+
+on:
+  pull_request:
+    paths:
+      - 'openspec/changes/**'
+      - 'openspec/specs/**'
+      - '.github/workflows/openspec-auto-approve.yml'
+    types: [opened, synchronize, reopened]
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  auto-approve-openspec:
+    runs-on: ubuntu-latest
+    # Only approve PRs from Claude (AI agents)
+    if: github.actor == 'fullsizemalt' || contains(github.head_ref, 'claude/')
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check if PR is OpenSpec-related
+        id: check_openspec
+        run: |
+          # Check if changes are only in openspec directory
+          CHANGED_FILES=$(git diff --name-only origin/main...HEAD)
+          OPENSPEC_FILES=$(echo "$CHANGED_FILES" | grep -E '^openspec/' | wc -l)
+          TOTAL_FILES=$(echo "$CHANGED_FILES" | wc -l)
+
+          if [ "$OPENSPEC_FILES" -eq "$TOTAL_FILES" ] && [ "$OPENSPEC_FILES" -gt 0 ]; then
+            echo "is_openspec=true" >> $GITHUB_OUTPUT
+          else
+            echo "is_openspec=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Auto-approve OpenSpec PR
+        if: steps.check_openspec.outputs.is_openspec == 'true'
+        uses: hmarr/auto-approve-action@v3
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Add OpenSpec label
+        if: steps.check_openspec.outputs.is_openspec == 'true'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ['openspec', 'auto-approved']
+            })
+
+      - name: Comment on PR
+        if: steps.check_openspec.outputs.is_openspec == 'true'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: '✅ **Auto-approved** via OpenSpec workflow.\n\nThis PR modifies only OpenSpec proposals and specs. Ready for merge. 🚀'
+            })